Why Is The Thumbprint Algorithm SHA1 On A SHA2 Certificate?

(Doc ID 2197889.1)

Last updated on SEPTEMBER 18, 2017

Applies to:

Oracle HTTP Server - Version 11.1.1.1.0 and later
Information in this document applies to any platform.

Goal

A certificate request was generated and sent to a Certificate Authority (CA) for signing.  Reviewing the certificates received from the CA by clicking on the certificate in on a MS Windows machine shows that the certificate is a SHA256 (SHA-2) certificate:

However, reviewing the rest of the fields in the certificate shows that the Thumbprint algorithm is SHA1:

Is there a problem with this certificate?  Does the thumbprint field need to be considered in setting up SSL communication between components on system?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms