Weak Certificate Bypass on Linux OpenSSL

WordPress weak openssl

Consuming an API resource over HTTPS from a Linux host, for example Docker image, could end up with an unexpected exception due to OpenSSL security level configured on Linux which no longer accept certificates signed with SHA1.

The SSL connection could not be established, see inner exception.
Authentication failed, see inner exception:
Using SSL certificate failed with OpenSSL error – ca md too weak.

As a workaround or a fix, use this code in Dockerfiles that are based on Linux, to weaken security level from 2 to 1.

RUN sed -i 's/SECLEVEL=2/SECLEVEL=1/g' /etc/ssl/openssl.cnf

Further details can be found in this GitHub article.


If you are thinking of serving your WordPress website on HTTPS then you please read my other article on Redirecting HTTP to HTTPS on WordPress.

Marcin Narloch

Marcin Narloch

Creative and out-of-the-box thinker with strong interests and knowledge in technology and innovation.
Reset Git Branch Commits Previous post base64 with Bash Cheat Sheet
Reset Git Branch Commits Next post Azure Container Registry Cheat Sheet

Leave a Reply

Your email address will not be published.