You should be able to regenerate the certificates with a secure signing algorithm. This thread has some other alternatives, like recompilining. OpenSSL with an insecure flag.
https://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak [apple-touch-icon@2.png] OpenSSL: error:0A00018E:SSL routines::ca md too weakhttps://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak superuser.comhttps://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak
Sent from my iPad
On Apr 17, 2024, at 3:04 AM, Uwe Sauter uwe.sauter.de@gmail.com wrote:
Hi all, one of my Rocky Linux 8 servers was updated automatically to 2. 6. 7 this night from the Symas repo. The install script seems to include an automated restart of the service but that failed with: main: TLS init def ctx failed: -1 error: 0A00018E: SSL
Hi all,
one of my Rocky Linux 8 servers was updated automatically to 2.6.7 this night from the Symas repo. The install script seems to include an automated restart of the service but that failed with:
main: TLS init def ctx failed: -1 error:0A00018E:SSL routines::ca md too weak
As this is an internal network with a private CA the strength of the CA is of minor relevance.
I think the change comes with symas-openssl-libs-3.0.8-1.el8.x86_64…
Can anyone suggest a workaround (other than exchanging the CA and its issued certificates)?
Thanks,
Uwe