This document describes the procedure to use SHA256 with CVP.
Cisco recommends that you have knowledge of these topics:
The information in this document is based on CVP 10.5.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.
Starting January 2016 all browsers rejected SHA1 signed certificates. This did not render the requested services correctly, unless you move from SHA1 to SHA256.
With recent development in computational algorithms as well as the explosive computational capacity, SHA1 has grown weaker day by day. This led to fundamental degradation collision resistance of the SHA1 and eventual demise.
Certificate exchange procedure between CVP Operations Console (OAMP):