Certificate error after upgrade to 20.04

I upgraded my Ubuntu 19.10 to the latest 20.04. After this process, doing HTTP calls passing a certificate gives the following error:

error: Error: [('SSL routines', 'SSL_CTX_use_certificate', 'ca md too weak')]

Executing

openssl x509 -in certificate.pem -noout -text | grep 'Signature Algorithm'

returns the following:

sha1WithRSAEncryption

The OpenSSL version installed is 1.1.1f

Can this behaviour overridden? If not, is it possible to downgrade to a compatible openssl version?

1 Answer

I found a solution, according to the accepted answer of this question: Ubuntu 20.04 - how to set lower SSL security level?

In particular, the openSSL configuration file /etc/ssl/openssl.cnf shall be modified in the following way.

At the beginning, add openssl_conf = default_conf

At the end, add

[ default_conf ]
ssl_conf = ssl_sect
[ssl_sect]
system_default = ssl_default_sect
[ssl_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT:@SECLEVEL=0

After this modification, the certificate is recognized without security errors.

1 Answer

Your Answer

Sign up or log in

Post as a guest

Related Journals

How high up does a mob spawner have to be for it to NOT have reduced mob drops from any caves that may be below it

Where's Brother Vernan's hidden lair?

Plan B for spy (What spy revolver?)

Where to locate png for nether portal in assets