The error message you are getting indicates that the certificate you are using is signed with an md5
hash.
OpenSSL 1.1.0 has introduced a new feature called security level.
The default setting of 1
will cause the following (emphasis by me):
The security level corresponds to a minimum of 80 bits of security. Any parameters offering below 80 bits of security are excluded. As a result RSA, DSA and DH keys shorter than 1024 bits and ECC keys shorter than 160 bits are prohibited. All export cipher suites are prohibited since they all offer less than 80 bits of security. SSL version 2 is prohibited. Any cipher suite using MD5 for the MAC is also prohibited.
You may need to regenerate the certificate and use a stronger hash to sign, for example SHA1
.
Judging from the forum post at OpenSSL Users this problem may be occurring now because the service you are attempting to connect to has upgraded their version of OpenSSL and it is now rejecting your certificate.