GitHub user zerotocode398 edited a discussion: SSL证书使用了弱hash算法(CVE-2005-4900)
使用版本是 rocketmq-4.5.1,namesrv、broker 没有开启 tls,通过 openssl 测试发现 rmq 有内置的证书,且证书签名是弱算法 SHA1。 要求禁用 SHA1 弱算法,咋处理呢,生产环境不能贸然升级,求大佬帮助。 <img width="1210" height="691" alt="image" src="https://github.com/user-attachments/assets/6b71a576-df75-43b6-9d6c-247c9242cd57"; /> <img width="1631" height="141" alt="image" src="https://github.com/user-attachments/assets/1ca15d2f-baa4-4d46-af14-9973a73d8192"; /> GitHub link: https://github.com/apache/rocketmq/discussions/9629 ---- This is an automatically sent email for dev@rocketmq.apache.org. To unsubscribe, please send an email to: dev-unsubscr...@rocketmq.apache.org
