Addendum: 1. Created a TLS 1.2 client that send in the signature extensions in the ClientHello that specifies support for only sha1 with RSA.2. The server still does not reply back with the "sha1WithRSAEncryption" certificate. Regards, GauravGaurav Khanna's Blog
| | From: Gaurav Khanna <khanna...@yahoo.com.INVALID> To: "users@httpd.apache.org" <users@httpd.apache.org> Sent: Tuesday, October 28, 2014 12:27 PM Subject: [users@httpd] Two x509 SSL certificates with different signature algorithms differing only in the hash Hi, I have apache configured with 2 SSL X509 certificates with differing signature algorithms as in: 1. sha1WithRSAEncryption 2. sha256WithRSAEncryption Now it seems "that the certificate with "sha256WithRSAEncryption" is always utilized when SSL / TLS is established. Tested with the latest browsers and "openssl s_client". Is this a supported combination while configuring TLS in Apache? Apache: 2.4.10OpenSSL: 1.0.2 beta Regards,GauravGaurav Khanna's Blog | | | | | | | | | | | Gaurav Khanna's BlogThis post will explicate the configuration and deployment of Cassandra v1.2 cluster across 2 Amazon EC2 regions – one EC2 instance in Oregon and the other in Virgi... | | | | View on khanna111.com | Preview by Yahoo | | | | |
