You should be able to regenerate the certificates with a secure signing algorithm. This thread has some other alternatives, like recompilining. OpenSSL with an insecure flag.
<https://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak> [[email protected]] OpenSSL: error:0A00018E:SSL routines::ca md too weak<https://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak> superuser.com<https://superuser.com/questions/1737052/openssl-error0a00018essl-routinesca-md-too-weak> Sent from my iPad On Apr 17, 2024, at 3:04 AM, Uwe Sauter <[email protected]> wrote: Hi all, one of my Rocky Linux 8 servers was updated automatically to 2. 6. 7 this night from the Symas repo. The install script seems to include an automated restart of the service but that failed with: main: TLS init def ctx failed: -1 error: 0A00018E: SSL Hi all, one of my Rocky Linux 8 servers was updated automatically to 2.6.7 this night from the Symas repo. The install script seems to include an automated restart of the service but that failed with: main: TLS init def ctx failed: -1 error:0A00018E:SSL routines::ca md too weak As this is an internal network with a private CA the strength of the CA is of minor relevance. I think the change comes with symas-openssl-libs-3.0.8-1.el8.x86_64… Can anyone suggest a workaround (other than exchanging the CA and its issued certificates)? Thanks, Uwe
