Fixed. Use shall instead of md5 and everyone is happy.
> On May 26, 2015, at 9:27 AM, Brantley Coile <brantleyco...@me.com> wrote:
>
> UPDATE:
>
> I now have reason to believe that they just removed MD5 from known signing
> algorithms, and that a SHA1 will work. Anyone know anything about this?
>
> Thanks,
> bwc
>
>> On May 25, 2015, at 3:06 PM, Brantley Coile <brantleyco...@me.com> wrote:
>>
>> Turns out the CSR wasn’t acceptable because of the MD5 signature. It seems
>> the that they should be signed as RSA and not MD5. MD5 is not deemed secure
>> enough. The plan 9 code is signing everything with MD5. Who owns this code?
>> Has anyone fixed this yet?
>>
>>> On May 24, 2015, at 11:10 AM, Skip Tavakkolian <9...@9netics.com> wrote:
>>>
>>> going by my notes from the last time i used plan9 tools to generate a
>>> CSR, the only differences i see are quoting the O attribute to handle
>>> spaces in organization name and dropping the word "SIGNING" from
>>> PEM header/footer.
>>>
>>>> Thanks all. It goes through sslshopper fine, but the CA still doesn’t
>>>> like it. I’ll call them tomorrow. Thanks for all the help.
>>>>
>>>> bwc
>>>>
>>>>> On May 23, 2015, at 1:08 PM, lu...@proxima.alt.za wrote:
>>>>>
>>>>>> I then pasted the contents of ‘csr’ into the page and get “This CSR
>>>>>> has an invalid signature!”
>>>>>
>>>>> It's worth playing with openssl to check the output from auth/rsa2csr.
>>>>> The diagnostics are bound to be a bit less vague. Trying your
>>>>> instructions, the PEM encoded csr includes the seemingly unwanted word
>>>>> "SIGNING" in the headers. When I remove it (and a space) openssl req
>>>>> reports a valid certificate request.
>>>>>
>>>>> Lucio.
>>>>>
>>>>>
>>>
>>>
>>
>>
>
>
