https://bugzilla.suse.com/show_bug.cgi?id=1208400 https://bugzilla.suse.com/show_bug.cgi?id=1208400#c4 Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@suse.com, | |pmonrealgonzalez@suse.com Assignee|pmonrealgonzalez@suse.com |otto.hollmann@suse.com --- Comment #4 from Pedro Monreal Gonzalez <pmonrealgonzalez@suse.com> --- Hi, certificates signed using SHA1 are no longer allowed at security level 1 and above in openssl-3 so its failing as expected. You may want to re-create them and use the default SHA256 for signing. Note that, there is an ongoing issue open upstream to add a configure option to enable SHA1 but its not yet implemented in the 3.0 version series or in 3.1 which is planned to be released today, see: * https://github.com/openssl/openssl/issues/17662 There is also a downstream working patch in Fedora that adds this: * https://gitlab.com/redhat/centos-stream/rpms/openssl/-/blob/c9s/0049-Selecti... T think, we can explore this option. I'm assigning the bug to Otto and adding Marcus in CC. -- You are receiving this mail because: You are on the CC list for the bug.