GlobalSign Plugin Issuing SHA1 instead of SHA256

Discussion in 'General Discussion' started by AaronMcH, Aug 7, 2014.

  1. AaronMcH

    AaronMcH Mega Poster

    Messages:
    130
    Is it just me, but when someone orders (in this case an AlphaSSL Certificate) through PBAS the certificate that is issued is hashed with SHA1, where the default in GlobalSign's Control Panel is to create a hash using SHA256.

    Is there a way to change which algorithm PBAS tells GlobalSign to use?

    Thank you
    Aaron
     
  2. Paul van Brouwershaven

    Paul van Brouwershaven Bit Poster

    Messages:
    1
    SHA256 is currently not supported by the PBA-S plugin as the GlobalSign is currently falling back to SHA1 when SHA256 is not explicitly requested. This to not create unpredictable behavior in third party environments.

    Support for SHA256 will be added in the next release of the plugin but can also simply added (as default) with a simple modification in the plugin file '/lib/MT/Plugin/SSL/GlobalSign/Transport.pm' at line 203. By adding '_SHA256' to the product code all products will be ordered with SHA256.

    More information about the SHA256 API change can be found in the GlobalSign SSL API Addendum:
    https://www.globalsign.com/partner-center/api-documentation-ssl.html
     
  3. AaronMcH

    AaronMcH Mega Poster

    Messages:
    130
    Hi, thanks for the information.

    The file doesn't seem to exist there, although I did find it under /usr/local/share/perl5/HSPC/MT/Plugin/SSL/GlobalSign/, it also seems to suggest that you append "_SHA2", so I'll try that and see if it works.

    Thank you
    Aaron
     

Share This Page