NMC: SSL Certificate Signed Using Weak Hashing Algorithm

Summary: Vulnerability scan reports that CVE-2004-2761 is detected on port 5432 on the NetWorker/NMC servers. This KB shows how to replace the certificate used by gstd with a CA signed certificate. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

Vulnerability scan reports that CVE-2004-2761 is detected on port 5432 on the NetWorker/NMC servers.

Cause

CVE-2004-2761 This hyperlink is taking you to a website outside of Dell Technologies.  - SSL Certificate Signed Using Weak Hashing Algorithm

Resolution

Replace the default self-signed certificate and key pair with CA signed certificate and key pair.
This process is detailed in the following article: NetWorker: How to Import or Replace Certificate Authority Signed Certificates for NMC

    Additional Information

    The files can be validated using the openssl command, for example:

    openssl pkey -in example.key -pubout -outform pem | sha256sum
    openssl x509 -in example.crt -pubkey -noout -outform pem | sha256sum
    openssl req -in example.csr -pubkey -noout -outform pem | sha256sum 


    The output for each command should match, example:

    [root@nmcserver ~]# openssl pkey -in /nsr/nmc/nmcdb/pgdata/example.key -pubout -outform pem | sha256sum
590513c5e329875c248be7f06b6cd04aa31ce8aa8de47c05d5d6081922365645  -

[root@nmcserver ~]# openssl x509 -in /nsr/nmc/nmcdb/pgdata/example.crt -pubkey -noout -outform pem | sha256sum
590513c5e329875c248be7f06b6cd04aa31ce8aa8de47c05d5d6081922365645  -

[root@nmcserver ~]# openssl req -in example.csr -pubkey -noout -outform pem | sha256sum
590513c5e329875c248be7f06b6cd04aa31ce8aa8de47c05d5d6081922365645  -
    NOTE: OpenSSL is a third party toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It can be installed on both Linux and Microsoft Windows servers. Typically when running OpenSSL commands on Microsoft Windows servers you must append -config "path\to\openssl.cnf" to each command.

    Affected Products

    NetWorker, NetWorker Management Console

    Products

    NetWorker
    Article Properties
    Article Number: 000044539
    Article Type: Solution
    Last Modified: 06 Feb 2026
    Version:  4
    Find answers to your questions from other Dell users
    Support Services
    Check if your device is covered by Support Services.