Mozilla 도움말 검색

고객 지원 사기를 피하세요. 저희는 여러분께 절대로 전화를 걸거나 문자를 보내거나 개인 정보를 공유하도록 요청하지 않습니다. "악용 사례 신고"옵션을 사용하여 의심스러운 활동을 신고해 주세요.

자세히 살펴보기

How can I disable MD5 signature algorithm on Firefox when creating a CSR?

  • 3 답장
  • 3 이 문제를 만남
  • 3 보기
  • 최종 답변자: naldiello

more options

I'm trying to create a CSR (Certificate Signing Request) in a website using Firefox. When Firefox creates the pair of keys, it signs the CSR using MD5WithRSAEncryption. Due to FIPS compliance, the Certification Authority does not accept md5WithRSAEncryption. The CSR must be signed with sha1WithRSAEncryption.

I'm trying to create a CSR (Certificate Signing Request) in a website using Firefox. When Firefox creates the pair of keys, it signs the CSR using MD5WithRSAEncryption. Due to FIPS compliance, the Certification Authority does not accept md5WithRSAEncryption. The CSR must be signed with sha1WithRSAEncryption.

모든 댓글 (3)

more options

hello, this is quite a detailed request, i'm not sure if something can be done about it within the current firefox preferences - here on the forums we're primarily focused on fixing "solvable" issues. you might want to file a bug report for this issue at https://bugzilla.mozilla.org instead, so that it will gain the attention of developers...

more options

I haven't dealt with CSR's too much, but is there a particular reason you're using Firefox to do this?

At least for SSL certificates, shouldn't this be done on the server?

more options

Hi madperson,

I believe I will report this as a bug since the changes I made should resolve this issue. Furthermore, Mozilla published that they will not be using MD5 signatures as off 2010 (https://wiki.mozilla.org/CA:MD5and1024).

In regards to yalam96's question: Depending on the use and application, some key pairs and CSR can be generated on the server side. For critical applications, such as financial applications, key pair should/must be generated on the client-side (browser) and CSR on the server, that way the CA is never in possession of the client's private key.

N.