When creating the CSR and sending it to Verisgn got this warning:
"Alert: Your CSR has been signed using the MD5 hashing algorithm. While the MD5 hashing algorithm is not optimal it will not prevent you from using this CSR to enroll for your SSL certificate. VeriSign best practices recommend that you use a different hashing algorithm for the signature.
CSR Information"
I created the private key using this:
openssl genrsa -out /etc/ssl/private/server.key 2048
Then the CSR using this:
openssl req -new -key server.key -out domain.server.csr
What am I supposted to be doing different in this case?
Best Answer
Just add
-sha1
or-sha256
to the end of your request command to specify which message digest algorithm to use. See OpenSSL's Documentation for a list of valid signing algorithms.For example (SHA-1):
OR (SHA-256):