Werk #16762: check certificates: fix signature algorithm configuration
| Component | Checks & agents | ||
| Title | check certificates: fix signature algorithm configuration | ||
| Date | Apr 24, 2024 | ||
| Level | Trivial Change | ||
| Class | Bug Fix | ||
| Compatibility | Incompatible - Manual interaction might be required | ||
| Checkmk versions & editions |
|
Upgrading from 2.3.0b4 to a later version could cause the Check Certificates settings for signature algorithms to load incorrectly due to missing choices in the old settings.
This werk ensures correct loading.
This work is incompatible because some old algorithms are no longer available. Old configurations are converted as follows:
rsa
- sha224: RSA_WITH_SHA224
- sha256: RSA_WITH_SHA256
- sha384: RSA_WITH_SHA384
- sha512: RSA_WITH_SHA512
- sha3_224: RSA_WITH_SHA224
- sha3_256: RSA_WITH_SHA256
- sha3_384: RSA_WITH_SHA384
- sha3_512: RSA_WITH_SHA512
ecdsa
- sha224: ECDSA_WITH_SHA224
- sha256: ECDSA_WITH_SHA256
- sha384: ECDSA_WITH_SHA384
- sha512: ECDSA_WITH_SHA512
- sha3_224: ECDSA_WITH_SHA224
- sha3_256: ECDSA_WITH_SHA256
- sha3_384: ECDSA_WITH_SHA384
- sha3_512: ECDSA_WITH_SHA512
rsassa_pss
Everything to RSASSA_PSS
ed25519
ED25519
dsa
- sha224: DSA_WITH_SHA224
- sha256: DSA_WITH_SHA256
- sha384: DSA_WITH_SHA256
- sha512: DSA_WITH_SHA256
- sha3_224: DSA_WITH_SHA224
- sha3_256: DSA_WITH_SHA256
- sha3_384: DSA_WITH_SHA256
- sha3_512: DSA_WITH_SHA256