Skip to main content

Recently, our organization has undertaken an effort to replace all SHA-1 SSL certificates with SHA-2. Our Casper servers in test and production are on the list.



Concurrently with this, I observed that our Casper sites with SHA-1 certitificates would not open at all in Firefox 39 (current release) or in the Safari 9 beta. Both reference being unable to create a secure connections, with the Firefox error being more verbose (see picture).



My guess was upgrading the SSL certs to SHA-2 would address this issue, but it hasn't. Our certificate vendor is Comodo/InCommon and I imported their root CA, intermediate, and obviously the one for Tomcat into a new keystore. Has anyone gone through this process and have anything to share? I am going to engage with our security folks as well but wanted to inquire here first.



Thanks,
Bryan

Ran into the same issue, take a look at this post to change the ciphers used. Worked like a charm for us.



https://jamfnation.jamfsoftware.com/discussion.html?id=15032

Thanks for that. My search queries must not be great if I missed it.

@powellbc Have a nose at this too.

Excellent, @bentoms, thanks for sharing! This is preferable to me as it comes straight from Jamf.

Terms & ConditionsCookie settings