Signature Hash Algorithm (Security IKE)
Syntax
signature-hash-algorithm (sha1 | sha256 | sha384 | sha512);Hierarchy Level
[edit security ike proposal proposal-name]
Description
Defines the digital signature hash algorithms that must match with the received signature hash algorithms in the hierarchical order for IKEv2. If your device doesn't find a match, negotiation with the IKE peer fails. This configuration ensures that the peers negotiate a specific set of signature hash algorithms. Note that you cannot use the configuration statement with IKEv1.
If not configured, the default value is all the supported hash algorithms.
Options
| sha1 |
Select SHA-1 signature hash algorithm. |
| sha256 |
Select SHA 256-bit signature hash algorithm. |
| sha384 |
Select SHA 384-bit signature hash algorithm. |
| sha512 |
Select SHA 512-bit signature hash algorithm. |
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 24.4R1.