Given google chromes requirement to present sha256 or more secure certificates to ensure browser security, is there a way to specify the digest of the client side certificate presented by the srx issued for the site that is browsed to when ssl forward proxy is enabled? I was under the assumption that it should inherit the signature algorithm from its certificate but despte the fact the srx is presenting sha256 for its own and the root ca certificate it is creating a sha1 certificate for the client side...?
↧