I’ve already asked that question at Stackoverflow but it seems there is not a simple answer about that, or maybe just nobody ever thought about that before!
From what I found out earlier in „wget isn’t checking CRLs“, I see there is no need to verify the CRL with SHA2, because this simply won’t happen.
My best guess about that question is, that it simply depends on the used openssl version. There is some evidence – my wget here is linked against the openssl library. You might check for yourself with
$ ldd $(which wget) ... libssl.so.1.0.0 => /lib/i386-linux-gnu/libssl.so.1.0.0 (0xb76d3000) ...
Or you simply check, what you’ve got installed on your system
$ openssl version OpenSSL 1.0.1f 6 Jan 2014
From the date you might find out, that your openssl version for sure supports SHA2! According to openssl 0.9.8 changelog each version since 0.9.8o, 01 Jun 2010, supports the SHA2 hash algorithms.
Schreibe einen Kommentar