I’ve been testing LAN-to-LAN OpenVPN connection with certificates made by my Zentyal server, between two sites running ZeroShell. I use ZeroShell import feature to import the Zentyal_generated certificates on each site.
If I sign the certificates using SHA1, both sites connect with no issues.
Signing them with the more secure standard SHA256 would not allow connection.
Has anyone seen this? Is there any security guru interested in troubleshooting this with me?
For the sake of operations, I’ve gone back to SHA1 signature, but I read that it is being considered less secure and will be made obsolete in 2017.