Is anyone familiar with where to get certificates for SHA3?
The answer to your question is probably: nowhere.
As far as I can tell, only SHA-2 (SHA-256/SHA-384/SHA-512) is allowed according to the CA/Browser Forum Baseline Requirements. See sections 22.214.171.124.1 and 126.96.36.199.2 for the details.
Hi @jay_vandervoort and welcome to the LE community forum
@Osiris, Not even via
smallstep or some other non global CA system?
Here the term "get" can also be read as "make"
I don't read globally trusted in the question.
@jay_vandervoort must the cert be globally trusted?
I interpreted it as "get a cert from a publicly trusted CA".
Also, OpenSSL can perfectly generate SHA3 certs:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -sha3-256 -keyout sha3test-privkey.pem -out sha3test-cert.pem
Just use any of the possible
-sha3-* digest options. See
openssl dgst -list | grep sha3 for all options on your system.
Although it may seem implied, I try to keep to what is written.
That was my first "go to".
I try to read anything ambiguous in the context/purpose of this Community, which is mainly about publicly trusted certificates to enable HTTPS for all websites on the (public) world wide web.
Also, the thread is opened in #issuance-policy
Thank you for the welcome and incredibly fast response. I have experience in OpenSSL and do appreciate the suggestion, however, we're looking for certificates provided by a CA. It does seem like there's nothing available and appreciate the feedback and additional insights.
I would welcome SHA3 with open arms; And I'm also waiting for
But I don't think will be putting either under my this year.
[maybe next year will yield more of these types of advances ]
Cheers from Miami
FYI [to all]:
Last modified 20th December 2017
I lack sleep - LOL
came early this year!
While new options wouldn't hurt I think, the current industry standpoint seems to be that it's not necessary (which is debatable). Keccak (SHA-3) is a great algorithm, however because there are currently no significant weaknesses* known for the SHA-2 family (there are some - let's say suboptimal - things in SHA-2 though). Hence the current view is that SHA-3 "is not meant to replace SHA-2" (from Wikipedia). It's more of a "have this thing in the toolset in case of emergency" case. The current state is that many current protocols (e.g TLSv1.3 or SSH-2) do not implement SHA-3 and/or have no immediate plans to implement them either, even though SHA-3 has been around for a while now. There's just no(t enough) pressure to do anything right now.
*This is debatable, as it depends on your classification of "significant weakness".
However, because of slow migration from SHA-1 to SHA-2 in the past, I think having more widespread support for SHA-3 would ease up a switch, if/when a migration from SHA-2 to Keccak becomes necessary. But I think before you can talk about this with the BR people, you need library, protocol and hardware support first. OpenSSL already has SHA-3, but there's much more than just OpenSSL out there.
SHA-3 also isn't that fast in software, so hardware support would be a really cool thing. But it takes a lot of time until that hardware reaches most consumers (or datacenters). I don't even have SHA(-2) extensions in my current CPU .