SSL/TLS Certificate Signed Using Weak Hashing Algorithm
Medium Web Application Scanning Plugin ID 112542
SynopsisSSL/TLS Certificate Signed Using Weak Hashing Algorithm
DescriptionThe remote server uses an SSL/TLS certificate that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.
SolutionPurchase or generate a new SSL/TLS certificate using SHA-2 signature algorithm to replace the existing one.