Topic: Custom CA certificate and SHA1

[Stefano]

Hi all..

following this howto, I'm trying to get a cert from www.startssl.com, but, when I paste the csr file, I got:

MD5 Signature Algorithm Detected
 
Error   

    * Your certificate request was created with a potentially weak signature algorithm.
    * For more information please see this FAQ item.
    * Please change the signature algorithm to SHA1 or better, create a new CSR and try it again!

FAQ item tells me only that MD5 algorithm is weak..
How do I get a SHA1 signed csr?

TIA

[johnp]

I don't know if just changing the default_md to sha1 in the openssl.cnf file would work, but you could do a quick test. I think its located in /usr/share/ssl

[Stefano]

thank you, you give me the right hint

I will update wiki's page asap

[johnp]

Glad to be able to help