MD5, MD4, and SHA0 as the signing algorithms in *OpenSSL* disabled
With this update, support for the verification of MD5, MD4, and SHA0 signatures in certificates, Certificate Revocation Lists (CRL) and message signatures is removed.
The system administrator can enable MD5, MD4, or SHA0 support by modifying the "LegacySigningMDs" option in the `etc/pki/tls/legacy-settings` policy configuration file, for example:
echo 'LegacySigningMDs md5' >> /etc/pki/tls/legacy-settings
You can also enable the MD5 verification by setting the "OPENSSL_ENABLE_MD5_VERIFY" environment variable.