ECDSA certificate not NIST/HIPAA compliant, because SERVER CERTIFICATES ARE SIGNED WITH A WRONG ALGORITHM (sha256WithRSAEncryption instead ecdsa-with-SHA256)

Ilya_indigo · September 8, 2019, 11:03am

ECDSA certificate not NIST/HIPAA compliant, SERVER CERTIFICATES ARE SIGNED WITH A WRONG ALGORITHM (sha256WithRSAEncryption instead ecdsa-with-SHA256).
https://www.immuniweb.com/ssl/?id=cRcQCUmb

Why you sha256WithRSAEncryption instead ecdsa-with-SHA256?

tdelmas · September 8, 2019, 11:09am

Let’s Encrypt only provide leaf ECDSA certificates, signed by RSA intermediates. (or leaf RSA certificates, signed by RSA intermediates)

It will provide in the future, ECDSA certificates, signed by ECDSA intermediates: https://letsencrypt.org/upcoming-features/

Ilya_indigo · September 8, 2019, 11:15am

Thank you for the quick response!
I will wait for this support!

Tell me, please, do you support the signature of ECDSA certificates created using the X25519 curve?

Osiris · September 8, 2019, 3:48pm

No, Let's Encrypt doesn't support EdDSA. Mostly, I think, because it isn't allowed by the CA/B Forum.

system · October 8, 2019, 3:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
ECDSA certificate not NIST/HIPAA compliant? Issuance Policy	4	3689	November 15, 2016
Support Ed25519 and Ed448 Feature Requests	11	9387	December 29, 2020
Support for SHA384 and SHA512 Hashing Algorithms Issuance Tech	4	3964	January 8, 2023
Problem with Signature Algorithm Help	7	2172	August 10, 2023
sha256WithRSA instead ecdsa-with-SHA256 with Certbot Issuance Tech	17	7728	March 18, 2021

ECDSA certificate not NIST/HIPAA compliant, because SERVER CERTIFICATES ARE SIGNED WITH A WRONG ALGORITHM (sha256WithRSAEncryption instead ecdsa-with-SHA256)

Related topics