A page fails to load and complains of a weak certificate signature algorithm

windows

#1

Hi,

While using Brave on my work computer, I’m trying to access a work page (for internal system monitoring).

The page returns the following error:

This site cannot be loaded due to a certificate error: [URL - redacted]
net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM
Issued To
Common Name (CN): [host name - redacted]
Serial Number: 00:8B:CE:77:5B:F2:5B:15:8D:3E:FC:30:BD:65:CF:B0
Issued By
Common Name (CN): AusCERT Server CA
Period of Validity
Begins On: Thu Aug 21 2014 12:00:00 GMT+1200 (New Zealand Standard Time)
Expires On: Mon Aug 21 2017 11:59:59 GMT+1200 (New Zealand Standard Time)
Fingerprint: sha256: 14:97:fe:72:9f:31:1a:a8:37:bb:17:1c:25:1c:ac:bc:39:c5:c1:6e:93:32:38:61:e0:49:2a:16:e9:e0:2c:4f

I shouldn’t be surprised, given the existence of pages such as http://michaelwyres.com/2012/05/chrome-weak-signature-algorithm-solved/, if a certificate signed using sha256 is not beefy enough. Is that the case? And if it is, is there any way to adjust the thresholds of what’s considered good enough?

I can certainly “Ignore certificate error”, but Brave identifies that as dangerous and I have to do it for every browser session in which I load the page, which is tedious. Maybe that is the best option for the time being however, at least until a sha512 or greater certificate can be generated.


#2

Thanks for the report!

We will likely not be lowering security standards or putting that as an option anytime soon.

If it’s an internal work site, you could nudge your IT department to use a stronger cert.

Sorry for the inconvenience, I can totally understand how annoying that would be.


#3

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.