Info: Unable to issue Symantec certificates issued by a SHA256 Root/Intermediate


On January 1st 2016 Symantec updated their chain to support SHA256 signing from the root level. An update to Venafi is needed to continue to issue SHA256 certificates using Symantec.

More Info:

Up until 12/31/15 the Symantec MPKI Vice2 driver supported two different VeriSign/Symantec products. 

Product 1: SHA1 intermediate with SHA1 root
Product 2: SHA256 intermediate with SHA1 root

As of 1/1/16, Symantec/VeriSign discontinued Product 1 and added a Product 3.
Product 1: Discontinued
Product 2: SHA256 intermediate with SHA1 root
Product 3: SHA256 intermediate with SHA256 root

This has been fixed in 15.3.4, 15.4.1 and all future releases of Venafi Trust Protection Platform. 

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request