https://bugzilla.suse.com/show_bug.cgi?id=1221531 https://bugzilla.suse.com/show_bug.cgi?id=1221531#c46 --- Comment #46 from Frank Krüger <fkrueger@mailbox.org> --- (In reply to Pedro Monreal Gonzalez from comment #31)

The DEFAULT policy in crypto-policies does not allow SHA-1 signatures but the LEGACY one does allow it. Could somebody test if switching to LEGACY helps?:

...

sudo update-crypto-policies --set LEGACY

Note that, this command is shipped by the crypto-policies-scripts package.

If it help, I would force using the LEGACY policy only in mozilla-nss by default for now in crypto-policies and submit in a moment.

TIA

Since the crypto-policies support has been disabled in the nss packages for the time being, is there an SR already from your side? Thx. -- You are receiving this mail because: You are on the CC list for the bug.