kellymiller

For end-entity certificates, always use a stronger algorithm (e.g., SHA-2) for signing. Regularly update your system’s root certificate store to ensure proper trust validation. I think you can reference https://docs.digicert.com/en/certcentral/certificate-merge fruits-vulnerabilities/weak-hashing-algorithm.html