EDR: Does an upgrade to EDR 7.8.0 require regenerating the Legacy certificate?
search cancel

EDR: Does an upgrade to EDR 7.8.0 require regenerating the Legacy certificate?

book

Article ID: 289424

calendar_today

Updated On:

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Does an upgrade to EDR 7.8.0 require regenerating the Legacy certificate?

Environment

  • EDR Server: 7.8.0 version

Resolution

No, regenerating the Legacy server certificate is not required as part of the upgrade to EDR 7.8.0 and can be performed at a later time.

Additional Information

  • Any EDR generated certificates that were created prior to EDR Server 7.1.0 would have used SHA-1 hashing.
  • The EDR 7.8.0 Server Cluster Management Guide has a section "Migration from Legacy to System OpenSSL on EL 8" where it provides a summary of security implications when using SHA-1 certificates and also provides information on how to regenerate the Legacy server certificate to mitigate those risks.