[gnutls-help] Help allowing SHA1

Brandon Sawyers brandor5 at gmail.com
Wed Jan 22 15:24:56 CET 2020

Hello everyone:

A recent package upgrade in ubuntu 1604 (v3.4.10-4ubuntu1.6) and 1804
(v3.5.18-1ubuntu1.2) has left us without SHA1 support. Since we are still
in the process of migrating our last services off of SHA1 with a target
date of April this has put us in a pickle.

>From reading the docs I expect I should be able to use priority and allow
SHA1 to function, however making this work has been rather frustrating.

I've tried several different versions of the following command but I would
expect just having "NORMAL:+SIGN-RSA-SHA1:+SHA1" priority set should work.

`gnutls-bin --x509cafile ./cachain-with-sha1-signed-cert.pem
--priority='NORMAL:+SIGN-RSA-SHA1:+SHA1' -p 636 internal.directory.org`

What am I doing wrong?

Any help would be much appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-help/attachments/20200122/14f590e5/attachment-0001.html>

More information about the Gnutls-help mailing list