Changing signature algorithm for CSR generation on Plesk

Hi Webhosters!

If you are running a Plesk, commercially, for fun or whatever other reason, this information might be for you.

When you want to order a certificate from a CA, there are now several CA’s that stop taking orders from CSRs that are using SHA1 as signature algorithm. Google also wants to accelerate the end of SHA1 by stopping marking a connection as secure if a certificate is used that is signed with SHA1. You can read more about that here.

Sadly, Plesk generates the CSR with SHA1 by default.

Continue reading