Solved

Testing for SHA-2 compatibility on an application

Posted on 2016-09-09
4
54 Views
Last Modified: 2016-09-19
I am in the process of upgrading my SHA1 certificates to SHA-256. Before I do anything I want to check application compatibility with SHA-2. I could just create a new SHA-256 cert and test it out but wanted to see if there is another way?
0
Comment
Question by:YZlat
  • 2
  • 2
4 Comments
 
LVL 61

Accepted Solution

by:
btan earned 500 total points
ID: 41792327
If you meant to test your appl for sha2  interoperability, I should say go through the same regime of staging environment and test with your data set as the storage of hash output increased as compared to sha1. This is applicable if your have your DB  storing those output.

In term of performance issue, ther should not be until actual measurements are performed. Hash functions are fast. In most situations, hash function performance has only negligible impact; using the computing hardware these day in even have any detecting of such change could prove difficult. Security must comes first.

Otherwise if it is just upgrade of (let say) SSL cert for web based check and compliant, you can check out ssl test online which covers server and client (browser)
(look at some of the listed toolkit set to check on weak cipher)
https://www.owasp.org/index.php/Testing_for_Weak_SSL/TLS_Ciphers,_Insufficient_Transport_Layer_Protection_(OTG-CRYPST-001)#Testing_for_Weak_SSL.2FTLS_Cipher_Suites.

You can consider iiscrypto tool if you are using Windows. This tool read the Registry and show the cipher used and baseline for the Windows OS platform. See this EE discussion.
https://www.experts-exchange.com/questions/28961303/Enterprise-CA-TLS-1-2-Template.html#a41741956

Testing is rather specific to your use case, you will need to plan out the test instead.
0
 
LVL 35

Author Comment

by:YZlat
ID: 41796759
Actually I was looking to test whether a particular app would work with new SHA-2 certificate
0
 
LVL 61

Assisted Solution

by:btan
btan earned 500 total points
ID: 41797090
You can access the service with the certificate replaced. The tool will ensure the certificate binded to your service is as expected.
0
 
LVL 35

Author Closing Comment

by:YZlat
ID: 41805408
Thanks for some useful info
0

Featured Post

Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

Join & Write a Comment

Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now