Can Messaging Gateway use a TLS certificate based on the SHA2/SHA256 hash algorithm?

Article Id: 158367

Status: Published

Updated On: 27-01-2019 09:46

Legacy Id: TECH210210

Products:

Messaging Gateway

Issue/Introduction:

Regulations or internal security policy require that you use Transport Layer Security (TLS) certificates which rely on the secure SHA2 or SHA256 hashing algoritm and you are uncertain as to whether this is supported by the Symantec Messaging Gateway (SMG)

Resolution:

SMG supports the SHA2 / SHA256 hashing algorithms in software release 9.5.2 and later as part of the larger FIPS 140-2 certification. As part of these certification efforts, supported cipher suites include but are not limited to the following:

DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:KRB5-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA

Additional Resources
http://en.wikipedia.org/wiki/SHA2
http://en.wikipedia.org/wiki/FIPS_140-2

Applies To

Symantec Messaging Gateway Appliance