• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 235
  • Last Modified:

Testing for SHA-2 compatibility on an application

I am in the process of upgrading my SHA1 certificates to SHA-256. Before I do anything I want to check application compatibility with SHA-2. I could just create a new SHA-256 cert and test it out but wanted to see if there is another way?
0
YZlat
Asked:
YZlat
  • 2
  • 2
2 Solutions
 
btanExec ConsultantCommented:
If you meant to test your appl for sha2  interoperability, I should say go through the same regime of staging environment and test with your data set as the storage of hash output increased as compared to sha1. This is applicable if your have your DB  storing those output.

In term of performance issue, ther should not be until actual measurements are performed. Hash functions are fast. In most situations, hash function performance has only negligible impact; using the computing hardware these day in even have any detecting of such change could prove difficult. Security must comes first.

Otherwise if it is just upgrade of (let say) SSL cert for web based check and compliant, you can check out ssl test online which covers server and client (browser)
(look at some of the listed toolkit set to check on weak cipher)
https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers,_Insufficient_Transport_Layer_Protection_(OTG-CRYPST-001)#Testing_for_Weak_SSL.2FTLS_Cipher_Suites.

You can consider iiscrypto tool if you are using Windows. This tool read the Registry and show the cipher used and baseline for the Windows OS platform. See this EE discussion.
https://www.experts-exchange.com/questions/28961303/Enterprise-CA-TLS-1-2-Template.html#a41741956

Testing is rather specific to your use case, you will need to plan out the test instead.
0
 
YZlatAuthor Commented:
Actually I was looking to test whether a particular app would work with new SHA-2 certificate
0
 
btanExec ConsultantCommented:
You can access the service with the certificate replaced. The tool will ensure the certificate binded to your service is as expected.
0
 
YZlatAuthor Commented:
Thanks for some useful info
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now