Ask a new question

SSL Certificate Signed Using Weak Hashing Algorithm

Tenable Scan provides the below report but i dont see any certificate with MD2, MD4, MD5, or SHA1.

Could you please advise the fix for this case?

An SSL certificate in the certificate chain has been signed using a weak hash algorithm.

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.

Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.

Hi Sandeep Kumar Reddy Lingampalli,

Welcome to post in Microsoft Community.

I'm Mosken, I do apologize for the inconvenience that you're experiencing right now, let me help you figure it out.

According to your description, I knew that your scanner reports an error about SSL certificate uses a weak Hash algorithm. If my understanding is wrong, please correct me in the reply.

I found a post on the same question on Microsoft's technical forums, which you can check here and learn more.

In addition, I searched for relevant information by keywords based on the title of your post, and I saw that the official website of the product has a related error answer, you can search for it (sorry, I can't provide specific links for security reasons).

I wish the above will be helpful to you. Please feel free to let me know how it goes, and I will do my best to help you.

Best Regards,

Mosken- MSFT | Microsoft Community Support Specialist

7 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated April 19, 2025 Views 29,972 Applies to: