Koontzja
Subscriber

Running Ansys License Manager 2024 R1. Here is some more information from the ticket I received: "Vulnerability.Description Details

The remote service uses an SSL certificate chain that has been signed using a cryptographically weak hashing algorithm (e.g. MD2, MD4, MD5, or SHA1). These signature algorithms are known to be vulnerable to collision attacks. An attacker can exploit this to generate another certificate with the same digital signature, allowing an attacker to masquerade as the affected service.

Note that this plugin reports all SSL certificate chains signed with SHA-1 that expire after January 1, 2017 as vulnerable. This is in accordance with Google's gradual sunsetting of the SHA-1 cryptographic hash algorithm.

Note that certificates in the chain that are contained in the Nessus CA database (known_CA.inc) have been ignored.
Vulnerability.Solution Type
Contact the Certificate Authority to have the SSL certificate reissued.
Vulnerability.Summary
An SSL certificate in the certificate chain has been signed using a weak hash algorithm.
Vulnerability.Detection (This is not the full certificate just a portion since it is being posted on a forum)
The following certificates were part of the certificate chain sent bythe remote host, but contain hashes that are considered to be weak.Subject : O='ANSYS Inc'/C=US/ST=PA/L=Canonsburg/CN='ANSYS Licensing Authority Certificate'Signature Algorithm : SHA-1 With RSA EncryptionValid From : Oct 22 10:08:06 2008 GMTValid To : Oct 10 10:08:06 2058 GMTRaw PEM certificate : -----BEGIN CERTIFICATE-----MIIDSzCCArSgAwIBAgIJAOUPCPOTnxfzMA0GCSqGSIb3DQEBBQUAMHcxFDASBgNVBAoTCydBTlNZUyBJbmMnMQswCQYDVQQGEwJVUzELMAkGA1UECBMCUEExEzARBgNVBAcTCkNhbm9uc2J1cmcxMDAuBgNVBAMTJydBTlNZUyBMaWNlbnNpbmcgQXV0aG9yaXR5IENlcnRpZmljYXRlJzAgFw0wODEwMjIxMDA4MDZaGA8yMDU4MTAxMDEwMDgwNlowdzEUMBIGA1UEChMLJ0FOU1lTIEluYycxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJQQTETM"
 
Essentially it's stating I need the SSL certificate that was initially issued, and reissued for the server. It looks like something that was generated on your alls end, but please correct me if I am wrong. If I can provide any other information please let me know.
 
Thank you!