Centos 8 curl: (60) SSL certificate problem: EE certificate key too weak

When trying to hit the Rest API in a Yealink phone I was getting the following from cURL:

1

curl: (60) SSL certificate problem: EE certificate key too weak

Turns out this is a good thing as it is the system killing old ciphers. To get Centos8 to accept legacy protocols it’s a simple command and a reboot:

1
2
3
4

$ update-crypto-policies --show
DEFAULT
# update-crypto-policies --set LEGACY
Setting system policy to LEGACY

After this you can reboot, then the old API is all yours 🙂 Obviously this isn’t ideal behavior, but for the sake of my testing it did the trick.