Automatic, on-demand regeneration for server<->tentacle certificates
As per https://octopus.com/blog/shattered
SHA1 -> SHA256 upgrade is currently manual (or custom scripting). It would be good if Octopus could manage certificate regeneration on-demand, with an option to choose an appropriate, current cipher.
3
votes
Jason
shared this idea
-
Blake Duffey
commented
This is a must as SHA1 certs are flagged by our regular security scan. SHA1 certs have been deprecated for several years now. https://blog.qualys.com/ssllabs/2014/09/09/sha1-deprecation-what-you-need-to-know