SHA-256 COMODO CA Certificate?

I am trying to access test2messaging.easylink.com via SSL. I am sending facsimiles using an older server that does not fully support SHA-2 and so it can only handle certificates with SHA-256 or SHA-1 hashing. The COMODO CA certificates I downloaded through my browser were both using SHA-384 hashing.

Are there COMODO CA certificates (for test2messaging.easylink.com) available that use SHA-256 hashing. If so, where can I download them from?

I understand I can access test2messaging.easylink.com without SSL but then my test userid/pw is going out on the Internet in plain text, so I would prefer to not do that.

Find more posts tagged with

Comments

thuneke

First, I am not sure what Certificates COMODO has.

test2messaging.easylink.com has had SSL turned off for testing prior to being turned off in Production due to the Poodle virus. What are you building in. All of my apps have been built in MS Visual Studio 2008, they have not been affected by this. I did turn off SSL3 in IE.

msrecant

This has nothing to do with SSL3 or my development tool. Nor does it appear that SSL is turned off on test2messaging.easylink.com at this time.

From IE you can connect to https://test2messaging.easylink.com/soap/sync (that is an SSL connection). If you click on the padlock icon, click on VIEW CERTIFICATES and then select the CERTIFICATION PATH tab and it will show you the CA chain necessary to authenticate the test2messaging.easylink.com certificate. The USER TRUST CA certificate uses SHA-1 hashing. The two COMODO CA certificates use SHA-384 hashing. The actual test2messaging.easylink.com certificate (issued by COMODO) uses SHA-256 hashing.

I am using a Unisys MCP server, which does not have the library of ROOT CA certificates that you find on a Windows box. Hence I have to manually load to my MCP server the necessary CA certificates, for authenticating the actual test2messaging.easylink.com certificate. That is not a problem. My problem is that the MCP server can handle SHA-1 and SHA-256 hashing but currently does not have the SHA-384 hashing algorithm implemented (which is used by the two COMODO CA certificates).

Since the use of SHA-384 vs SHA-256 is somewhat arbitrary, my question is whether I can get copies of the two COMODO CA certificates that use SHA-256 hashing, so my MCP system can process them?

thuneke

SSL is indeed turned off on the test system, IE also has TLS built in and will take ove if SSL is not available.

As far as the COMODO ceertificates go, you will have to ask them if you can get them. We do not take care of that.

msrecant

Again, this is not an SSL/TLS issue. It is a certificate hash algorithm issue.

In terms of COMODO, I do expect you (OpenText) to do the follow up. I have no business relationship with COMODO. They have no reason to be responsive to me or my company.

On the other hand, I do have a business relationship with you (OpenText). I am your customer. My belief is that yes, you "do take care of that". You are the ones who picked COMODO as your test CA (switching from Entrust) and you are the ones who purchased your certificate from them. You created the problem by picking a service that uses SHA-384 encoding in their CA certificates.

I am respectfully asking that you please contact them (as your vendor) to see what resolution is available?