Yealink Forums
SSL Certificate Signed Using Weak Hashing Algorithm - Printable Version

+- Yealink Forums (
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: General topics (/forumdisplay.php?fid=15)
+--- Thread: SSL Certificate Signed Using Weak Hashing Algorithm (/showthread.php?tid=46751)

SSL Certificate Signed Using Weak Hashing Algorithm - LaughingBoy - 07-06-2023 03:17 AM

We recently had an internal security scan and this result showed up referencing all of our yealink phones:

An SSL certificate in the certificate chain has been signed using a weak hash algorithm.

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

The following certificates were part of the certificate chain sent by
the remote host, but contain hashes that are considered to be weak.

Subject : C=CN/ST=Fujian/L=Xiamen/O=Yealink Network Technology Co.,Ltd./OU=Yealink Equipment/CN=[SCRUBBED]/
Signature Algorithm : MD5 With RSA Encryption
Valid From : Mar 01 00:00:00 2014 GMT
Valid To : Feb 24 00:00:00 2034 GMT

Can Yealink please provide an ssl certificate that has stronger encryption so that we can pass our security audit?