Weak hashing algorithm

  • (Error) "An unknown hashing algorithm was used to sign the certificate."
  • (Warning) "A weak hashing algorithm was used to sign the certificate."

Problem

Continued use of weak hashing algorithms certificates puts your clients' sensitive data at risk and will cause browsers to display warnings. Warnings create mistrust when connecting to a site and can cause clients to avoid your site.

Hashing algorithms are used to generate SSL Certificates. Discovery checks your SSL/TLS certificate as well as its issuing intermediate certificate.

Algorithms once thought of as secure and unbreakable have become either weak or breakable. For example, MD5 once thought to be a secure and unbreakable hashing algorithm went from being a strong hashing algorithm to a weak hashing algorithm to a broken hashing algorithm.

Solution

Reissue or renew your certificate using a supported hashing algorithm, such as SHA-2.