Ismail_319212
Jul 12, 2018Nimbostratus
vulnerabilities
How can fix the vulnerabilities on F5 Big IP ver12.1.0 please advice me
SHA-1-based Signature in TLS/SSL Server X.509 Certificate
Weak Cryptographic Key
Thank you
How can fix the vulnerabilities on F5 Big IP ver12.1.0 please advice me
SHA-1-based Signature in TLS/SSL Server X.509 Certificate
Weak Cryptographic Key
Thank you
Hi ismael,
The previously used Secure Hash Algorithmus SHA-1 is not regarded as totally secure anymore. Google and Microsoft decided to reject SSL certificates using SHA-1 in the future and to denote them in their browsers as „not secure".
You have to renew your actual cert with SHA256:
https://blog.qualys.com/ssllabs/2014/09/09/sha1-deprecation-what-you-need-to-know
Let me now if you need more details