SSL certificate request

Hi,

I was wondering if it is needed the SHA-256 algorithm to generate a certificate request for node-red or if another algorithm could be used.

Thanks!!

You will need to check out what node.js's https library supports I think?

Some algorithms have been deprecated over the last few years due to vulnerabilities and the increased power of systems that can brute-force them.

Thanks for your response!! The problem is that I cannot find any information about why should we choose the sha-256 algorithm instead of another one. Also, I don't know what different options could we have.

A couple of reference links for you to help you decide :grinning:

SSL/TLS Best Practices for 2021 - SSL.com

Using Transport Layer Security to protect data - NCSC.GOV.UK

I should also note that I generally don't bother too much about the TLS configuration in Node-RED since I'll use a reverse proxy to do the TLS termination for anything serious. I only have it turned on in Node-RED to stop my browser whinging about "insecure" sites when I connect directly.

For external access, I also prefer to only allow that via Cloudflare into the proxy. Cloudflare is able to provide a further level of protection and adds some basic DDOS protection.