SSL Encypted private key, sha2 (256) certificate and problems
Posted: Sat Apr 11, 2015 1:00 pm
First of all hi to all community
For unknown/unspecified reason, i have not recieve any email from bug reports site when i have tried to register there to report bugs, i will post here my findings, and im trully sorry if is the wrong place (i was willing to do it in bugs report site, but unfortunately, i cannot have account there. i dont know why)
Lets begin:
Im using StartSSL. They giving free of charge fully trusted certificates.
Now the problem is:
From their web site, when you want to create cerificates, you must give password for private key (and you cannot avoid it ----> only if you have already created csr from somewhere else). So the private key is encrypted no matter what.
I have choose to generate from their web tool my certificate, and i choose sha2 (sha256) for my certificate and not sha1 which is now old and not recomended.
I have succefully create the cerificate, and i have proceed to install it to unrealircd.
That was totally failure.
UnrealIRCD says he cant load private key (when im doing ./unreal start he ask me for the private key password, and im putting the right one there).
As it seems, unrealircd cannot work properly with sha2 (sha256 certificates) and requires sha1 which is old, not recomended and insecure.
When im trying to load in unrealircd, using startssl web tools for generating sha1 certificate, even with private key encryption is working ok. But not for sha2.
private key length in both ways, are 2048 (4096 dosent working with UnrealIRCD).
Maybe devs should look into this issue? UnrealIRCD must have support for sha2 cerificates and 4096 length
For unknown/unspecified reason, i have not recieve any email from bug reports site when i have tried to register there to report bugs, i will post here my findings, and im trully sorry if is the wrong place (i was willing to do it in bugs report site, but unfortunately, i cannot have account there. i dont know why)
Lets begin:
Im using StartSSL. They giving free of charge fully trusted certificates.
Now the problem is:
From their web site, when you want to create cerificates, you must give password for private key (and you cannot avoid it ----> only if you have already created csr from somewhere else). So the private key is encrypted no matter what.
I have choose to generate from their web tool my certificate, and i choose sha2 (sha256) for my certificate and not sha1 which is now old and not recomended.
I have succefully create the cerificate, and i have proceed to install it to unrealircd.
That was totally failure.
UnrealIRCD says he cant load private key (when im doing ./unreal start he ask me for the private key password, and im putting the right one there).
As it seems, unrealircd cannot work properly with sha2 (sha256 certificates) and requires sha1 which is old, not recomended and insecure.
When im trying to load in unrealircd, using startssl web tools for generating sha1 certificate, even with private key encryption is working ok. But not for sha2.
private key length in both ways, are 2048 (4096 dosent working with UnrealIRCD).
Maybe devs should look into this issue? UnrealIRCD must have support for sha2 cerificates and 4096 length