Hi Lars, sadly I've missed a small detail before submitting the bug report...
Quote from Debian wiki [1]: > SHA-1 is no longer supported for signatures > in certificates and you need at least SHA-256. Node certificate: > Signature Algorithm: sha256WithRSAEncryption Master certificate: > Signature Algorithm: sha1WithRSAEncryption Damn! :-) SECLEVEL=1 in openssl.cnf fixed it as a temporary workaround. I'll recreate all old SHA1 certificates from my private CA's in the next few days. Sorry for the noise and thanks for your verbose message! I've only found the root cause while copying & pasting (and anonymising) the openssl output. I've overlooked this line before. Stupid me... Please close this bug report. Thanks. -- With kind regards, Christian Schrötter [1]: https://wiki.debian.org/ContinuousIntegration/TriagingTips/openssl-1.1.1
