AustrianGrid Certification Authority

New Root Certificate with signature using SHA-512 instead of SHA-1

2014-12-01

As the old CA Root Certificate nears its expiry date a new one was issued (for the same key pair). So the new certificate can also validate AustrianGrid CA certificates issued before its own issuance.
It will expire on March 10th, 2025.

Following the actual EUGridPMA and IGTF requirements the signature hash used for the new certificate is SHA-512, a member of the SHA-2 family of hashes. The change from SHA-1 to SHA-512 became necessary due to the increased compute power available threatening the security of SHA-1.

Ensure all your applications (e.g. Grid middleware, web servers, web browsers, e-mail clients) are at a level at which the SHA-2 family of hashes can be used, then replace the old AustrianGridCA Root Certificate for all of them as soon as possible!!!
The serial number of the new root certificate is different from the old one.

Page last updated: 2014-12-01 00:05