You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When decrypting a PKCS#12 file generated by xCA 2.8.0 I noticed openssl gave me this info:
openssl pkcs12 -info -in p12test.pfx -nodes
Enter Import Password:
MAC: sha1, Iteration 1
MAC length: 20, salt length: 8 PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Certificate bag
Bag Attributes
PKCS7 Data Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
I noticed that xCA is using 3DES for security with SHA1.
Please either a) update the default P12 export handling to use better default cryptographic mechanisms (as defined by RFC 7292) or b) allow users to configure these cryptographic mechanisms directly.
The text was updated successfully, but these errors were encountered:
When decrypting a PKCS#12 file generated by xCA 2.8.0 I noticed openssl gave me this info:
openssl pkcs12 -info -in p12test.pfx -nodes
Enter Import Password:
MAC: sha1, Iteration 1
MAC length: 20, salt length: 8
PKCS7 Encrypted data: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Certificate bag
Bag Attributes
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
I noticed that xCA is using 3DES for security with SHA1.
Please either a) update the default P12 export handling to use better default cryptographic mechanisms (as defined by RFC 7292) or b) allow users to configure these cryptographic mechanisms directly.
The text was updated successfully, but these errors were encountered: