I am using squid ssl-bump, why is my browser refusing to connect to squid with pointing out a 'weak hashing algorithm'?

Solution Unverified - Updated -

Issue

I am using the squid ssl-bump functionality to intercept SSL/TLS traffic. Clients trust the certificate of my CA, which the squid proxy uses to sign own certs. Recently, new browser versions stopped to connect to squid, referring to a 'weak hashing algorithm'. For example, google chrome reports NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM.

Environment

  • Red Hat Enterprise Linux (RHEL), all versions
  • squid versions 3.3 and 3.5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content