Ubuntu
gadmin-openvpn-server package

OpenSSL certificate md too weak

Bug #1821111 reported by Matthias Schlett
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
gadmin-openvpn-server (Ubuntu)
New
Undecided
Unassigned

Bug Description

openssl 1.1.0g-2ubuntu4.3 rejects the certs produced by gadmin-openvpn-server, because it use md5.
Unfortunally the parameter default_md = md5 is hard coded in the binary.
I tried to change default_md to sha256 in gadmin-openvpn-openssl.conf, but during generation of the certs the changes are overwritten.
gadmin-openvpn-server is aborted by
OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
Cannot load certificate file certs/cert.pem

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.