9

I've read:

By default, OpenSSL cryptographic tools are configured to make SHA1 signatures. for example, if you want to generate a SHA256-signed certificate request (CSR) , add in the command line: -sha256

I was required to upgrade an existing SHA1 certificate to SHA256. I generated a new CSR and sent it off to RapidSSL, before realising that I hadn't specified -sha256 in the CSR.

I've contacted them and they say "a replacement for a Sha2 certificate has been made and current state of the order is waiting for an approval. Once the order is approved will the new certificate be issued with SHA2 algorithm."

My question is, is it possible for them to get my SHA1 CSR and say "ok, we're giving you an SHA256 certificate back anyway because that's all we do now"? And will that certificate work with the private key I've generated corresponding to that SHA1 CSR?

How does it work? When I pass in -sha256 (or when I don't) at the time of generating a CSR, what does that affect, other than just making a note in the CSR saying "hey, this person wants SHA256 encryption on their certificate"? Does it affect the generated private key in any way?

joshua.paling
  • 1,115
  • 2
  • 10
  • 13

1 Answers1

6

It's possible because the signature of a CSR is only used to prove that you are indeed the owner of the private key that matches with the public key embedded in the CSR. Once the CA (RapidSSL in your case) decides that the CSR is valid it's signature becomes meaningless for the further process of creating the certificate and is effectively discarded.

For the full gory details on what's in a certificate see rfc5280-4.1.2

Erik Dannenberg
  • 296
  • 1
  • 5
  • So that means it's only the certificate itself that's encrypted with SHA256. The private key (and it's public counterpart embedded in the CSR) have nothing to do with SHA256. Correct? – joshua.paling Jan 07 '16 at 03:26
  • 1
    @joshua.paling SHA is a secure hashing algorithm, it is only used for signing things like a CSR or certificate, the embedded public key will be used for encryption later, the certificate itself is not encrypted. – Erik Dannenberg Jan 07 '16 at 03:45