New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reference "thumbprint" as "SHA1 thumbprint" #14672

Merged
merged 1 commit into from Sep 14, 2018

Conversation

Projects
None yet
5 participants
@crpietschmann
Contributor

crpietschmann commented Sep 7, 2018

Updated the references to the certificate thumbprint to be labeled as "SHA1 thumbprint". The documentation isn't very clear as to what SHA hash to generate / use for thumbprints. Azure KeyVault outputs SHA1 hashes for the certificates, and that's fine if you use those directly with Service Fabric. However, with self-generated, self-signed certificates it's important to use SHA1 for generating the thumbprint values to use, and the documentation doesn't mention SHA1 very clearly throughout. This is a cause of confusion since it could be assumed that SHA256 thumbprints would be ok, but they are not and you'll get HTTP 403 errors if you try to use them without any kind of warning as to specifically why. Adding mention of SHA1 should help those that are having issues, or even prevent them all together.

Reference "thumbprint" as "SHA1 thumbprint"
Updated the references to the certificate thumbprint to be labeled as "SHA1 thumbprint". The documentation isn't very clear as to what SHA hash to generate / use for thumbprints. Azure KeyVault outputs SHA1 hashes for the certificates, and that's fine if you use those directly with Service Fabric. However, with self-generated, self-signed certificates it's important to use SHA1 for generating the thumbprint values to use, and the documentation doesn't mention SHA1 very clearly throughout. This is a cause of confusion since it could be assumed that SHA256 thumbprints would be ok, but they are not and you'll get HTTP 403 errors if you try to use them without any kind of warning as to specifically why. Adding mention of SHA1 should help those that are having issues, or even prevent them all together.
@PRMerger6

This comment has been minimized.

Show comment
Hide comment
@PRMerger6

PRMerger6 Sep 7, 2018

Contributor

@crpietschmann : Thanks for your contribution! The author, @rwike77, has been notified to review your proposed change.

Contributor

PRMerger6 commented Sep 7, 2018

@crpietschmann : Thanks for your contribution! The author, @rwike77, has been notified to review your proposed change.

@rwike77

This comment has been minimized.

Show comment
Hide comment
@rwike77

rwike77 Sep 14, 2018

Contributor

@crpietschmann Thanks again for the update. #sign-off

Contributor

rwike77 commented Sep 14, 2018

@crpietschmann Thanks again for the update. #sign-off

@ktoliver ktoliver merged commit a8dfdf0 into MicrosoftDocs:master Sep 14, 2018

1 check passed

license/cla All CLA requirements met.

@crpietschmann crpietschmann deleted the crpietschmann:patch-1 branch Sep 14, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment