VMware Cloud Community
njcmdrx
Contributor
Contributor
‎11-06-2013 05:07 PM

SSL Automation tool gives Warning during update of SSL Cert: weak one-way hash MD5

I have been updating ssl certs using the ssl updater tool.

On my inventory certificate I get a warning:  "signature uses a weak one-way hash (MD5). In a secure environment its is recommended to use SHA2-256 or stronger hash algorithm."

Anyone know where I can set this?  Is it in the local servers openssl config or on the Microsoft CA I have available?  If so how can I set this?

0 Kudos
2 Replies
njcmdrx
Contributor
Contributor
‎11-06-2013 05:36 PM

I tried to edit the /tools/generate-csr.bat file in the SSL automation toolkit batch files.  I added the line in bold below and re-ran the csr through the CA and still got the error message.  Not a SSL expert here so im just fishing at the moment.

"%~dp0openssl\openssl" req -new -nodes -sha256 -out "%component_csr_output_folder%\rui.csr" -keyout "%component_csr_output_folder%\rui-orig.key" -config %csr_config_file_name%

0 Kudos
admin
Immortal
Immortal
‎06-24-2014 03:15 PM

Check what is the SHA version being used for certificate. Also check if the SSO password is not having special characters "!" in it.

0 Kudos