OpenSSL.SSL.Error: [('SSL routines', 'SSL_CTX_use_certificate', 'ca md too weak')]

0 users found this article helpful



This is caused when one or more of the certificates that are being uploaded to enable single sign-on are using an insecure signature algorithm, such as sha1RSA.


The Workspace SubCA certificate, any intermediate certificates in the certification path, and the root certificate should use a secure signature algorithm.

At the moment of writing, sha256RSA is common.
sha1RSA is insecure.

Was this article helpful?

Tell us how we can improve it.