wodCertificate > CSR with old MD5-RSA Hash Algorhythm - WeOnlyDo Discussion board

wodCertificate > CSR with old MD5-RSA Hash Algorhythm (wodWebServer / wodWebServer.NET)

by Michael Schwing, Thursday, June 04, 2020, 15:20 (1631 days ago)

Hi there,

i just wanted to build me a quick tool to generate CSRs for our customers as we are succesfully using wodWebServer for years.

Everything just works fine, but i hit a brick wall when i tried to use the CSR for real.

wodCertificate.dll (even in the latest available version) is using Signature Algorithm = md5WithRSAEncryption

Wow! That's creepy as MD5 is outdated and not anymore accepted by pretty much every serious CA out there.

Is there any easy way to either make the used SigHash Algo a chooseable option?

Best pratice would be default to sha256WithRSAEncryption

If "optional" is not an easy way to go, at least a fix should be a change from MD5 to SHA256. So a simple wodCertificate.request(...) will result in a CSR with SHA- and not with MD5 hashed Signing-Algo.

Any chance that a fix is possible with this?

Thanks and best regards
Michael

wodCertificate > CSR with old MD5-RSA Hash Algorhythm

by Jasmine, Thursday, June 04, 2020, 16:13 (1631 days ago) @ Michael Schwing

Michael,

hmm, I think we changed this, but I'm not 100% sure. What version of wodCertificate are you using?

Jasmine.

wodCertificate > CSR with old MD5-RSA Hash Algorhythm

by Michael Schwing, Thursday, June 04, 2020, 16:24 (1631 days ago) @ Jasmine

Michael,

hmm, I think we changed this, but I'm not 100% sure. What version of wodCertificate are you using?

Jasmine.

Hi Jasmine,

perhaps i stumbled over some weird chaching effect. I will check where the actual registered classes are showing to and see if this is somewhere unintentionally...

On first sight it looks like the regular c:\windows\syswow64\wodcertificate.dll location (yes we are using 32bit :-) )

The version on that location does show: 1.7.8.11, lastEdited: 04.12.2019

<weird...>

wodCertificate > CSR with old MD5-RSA Hash Algorhythm

by Michael Schwing, Tuesday, June 09, 2020, 09:51 (1626 days ago) @ Jasmine

Michael,

hmm, I think we changed this, but I'm not 100% sure. What version of wodCertificate are you using?

Jasmine.

Hi Jasmine,

anything new on this topic? Did you had a chance to check if this should work with SHA256 or if this is something that needs to be fixed?

Thx and best regards
Michael

wodCertificate > CSR with old MD5-RSA Hash Algorhythm

by Jasmine, Tuesday, June 09, 2020, 17:06 (1626 days ago) @ Michael Schwing

Michael,

yes, you're using wodWebServer ActiveX? Can you please request update and install latest version of wodCertificate that comes with it, it should be 1.7.9.12 and use SHA256?

Regards,
Jasmine.

wodCertificate > CSR with old MD5-RSA Hash Algorhythm

by Michael Schwing, Wednesday, July 15, 2020, 15:29 (1590 days ago) @ Jasmine

Hello Jasmine,

sorry to reply so late. We were quite busy lately...

Just wanted to thank you. Yes, the new version of wodCertificate is working fine and uses the SHA256 instead of MD5.

So no more weird error-answers from our certificate provider due to our weirdo-CSRs.

Thanks again and best regards

Michael