Addendum: 1. Created a TLS 1.2 client that send in the signature extensions in
the ClientHello that specifies support for only sha1 with RSA.2. The server
still does not reply back with the sha1WithRSAEncryption certificate.
Regards,
GauravGaurav Khanna's Blog
| |
From: Gaurav Khanna
Hi,
I have apache configured with 2 SSL X509 certificates with differing signature
algorithms as in:
1. sha1WithRSAEncryption
2. sha256WithRSAEncryption
Now it seems that the certificate with sha256WithRSAEncryption is always
utilized when SSL / TLS is established. Tested with the latest