Skip to main content

Weak hashing algorithm

Related error and warning

  • (Error) "An unknown hashing algorithm was used to sign the certificate."

  • (Warning) "A weak hashing algorithm was used to sign the certificate."

Problem

Continued use of weak hashing algorithms certificates puts your clients' sensitive data at risk and will cause browsers to display warnings. Warnings create mistrust when connecting to a site and can cause clients to avoid your site.

Note

Hashing algorithms are used to generate SSL Certificates. Discovery checks your SSL/TLS certificate as well as its issuing intermediate certificate.

Algorithms once thought of as secure have become weak or breakable.

For example, MD5, once thought to be a secure and unbreakable hashing algorithm, went from being a strong hashing algorithm to a weak hashing algorithm to a broken hashing algorithm.

Solution

Reissue or renew your certificate with a supported hashing algorithm, such as SHA-2.