I am using squid ssl-bump, why is my browser refusing to connect to squid with pointing out a 'weak hashing algorithm'?

Solution Unverified - Updated -

Issue

I am using the squid ssl-bump functionality to intercept SSL/TLS traffic. Clients trust the certificate of my CA, which the squid proxy uses to sign own certs. Recently, new browser versions stopped to connect to squid, referring to a 'weak hashing algorithm'. For example, google chrome reports NET::ERR_CERT_WEAK_SIGNATURE_ALGORITHM.

Environment

  • Red Hat Enterprise Linux (RHEL), all versions
  • squid versions 3.3 and 3.5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.