+ Start a Discussion

SHA1 cert vs SHA2 cert

Hi folks,

We have an integration with one client application from salesforce. All the intgration should go thru Proxy server (another client application). 

To achive this, we have configured Mutual Authentication in my sandbox and configured proxy server certificate (VeriSign Class 3 Internation Server CA - G3) signed by VeriSign in my sandbox and it's working.

Problem with another sandbox, where proxy server certificate (Symantec Class 3 Internation Server CA - G4 ) signed by Symantec which isn't supported by salesforce SSL certificate list.

I am thinkin of pushing salesforce to add "Symantec SHA2 ones" to their trust list, since industry is moving to the new SHA2 intermediate.

Do you guys think salesforce can do this for me?

Appreciate your suggestions !!

Honestly, I think you have a better chance of getting the business to buy you a new cert. 

These certs likely (i'm guessing here) end up on ssl aggrigators that have specialized hardware to deal  with millions of SSL requests. that hardware may not be capable of handling the cert type, hence the compatabilty list. 

While the industry is moving twoards newer certs, one user is unlikely to get them to change ahead of their intended schedule.