Tentacle Certificate Signature Algorithms

We generated a fail with Nessus scanner on the tentacle certificate. What can we do to regenerate this with a stronger signature algorithm?

Hi @nbraasch!

You can use the new-certificate command to register a new certificate, which should be SHA256RSA, assuming you’re using a recent tentacle version on the machine.

As we don’t regenerate the certificates after install time, you’re using a certificate that was there from your initial tentacle install, and at that time we used SHA-1.

I hope this helps, and please don’t hesitate to reach out if you have any further questions.

Thanks - if I re-gen the cert, will I need to re-register with the server?

You should just be able to update the thumbprint in Infrastructure -> Deployment Targets -> the tentacle.