Forum Discussion
nitass
May 03, 2015Employee
So I need to add new certificate/key pair which use SHA256 in Key exchange mechanism into Client SSL profile.
And change cipher suit to ex. DEFAULT:SHA256 , something like that, Am I right?
you have to create another key pair which is not rsa (because current one is rsa) such as ecdsa, then get its csr signed by ca. add them to clientssl profile and adjust cipher string if needed (i.e. some cipher suite uses rsa certificate with sha1 and some uses ecdsa certificate with sha256).