• Hi, Pleskians! We are running a UX testing of our upcoming product intended for server management and monitoring.
    We would like to invite you to have a call with us and have some fun checking our prototype. The agenda is pretty simple - we bring new design and some scenarios that you need to walk through and succeed. We will be watching and taking insights for further development of the design.
    If you would like to participate, please use this link to book a meeting. We will sent the link to the clickable prototype at the meeting.
  • (Plesk for Windows):
    MySQL Connector/ODBC 3.51, 5.1, and 5.3 are no longer shipped with Plesk because they have reached end of life. MariaDB Connector/ODBC 64-bit 3.2.4 is now used instead.
  • Our UX team believes in the in the power of direct feedback and would like to invite you to participate in interviews, tests, and surveys.
    To stay in the loop and never miss an opportunity to share your thoughts, please subscribe to our UX research program. If you were previously part of the Plesk UX research program, please re-subscribe to continue receiving our invitations.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.

Issue Weak Algorithm Warning (DSA1024) for Plesk Repositories on Ubuntu 24.04 LTS

LionKing

LionKing

Regular Pleskian
Server operating system version
Ubuntu 24.04 LTS
Plesk version and microupdate number
Plesk Obsidian 18.0.67 Update #3 Web Host Edition
Hi Plesk Support Team and Community,
I’m running into an issue with the Plesk repositories on my Ubuntu 24.04 LTS server and would appreciate some guidance.

When I run sudo apt update, I get warnings about the Plesk repositories using a weak algorithm (DSA1024) for their signatures. The affected repositories include those for Plesk itself and several PHP versions (e.g., PHP 7.4, 8.0, 8.1, 8.2). The warning message indicates that the key used to sign these repositories is considered cryptographically weak by modern standards.

I tried to fetch an updated key from a keyserver using apt-key adv, but I received an error that the key ID was not found. I also learned that apt-key is deprecated in Ubuntu 24.04, and the recommended method is to manage keys in /etc/apt/trusted.gpg.d/. However, even if I were to add the key manually, the weak algorithm issue would likely persist.

Here’s what I’ve done so far:
  1. Ran sudo apt update and noted the weak algorithm warnings for the Plesk repositories.
  2. Attempted to fetch the key using apt-key adv --keyserver keyserver.ubuntu.com --recv-keys with the key ID, but it failed with a "not a key ID: skipping" error.
  3. Considered adding the key manually to /etc/apt/trusted.gpg.d/, but I’m concerned that the underlying issue (weak DSA1024 algorithm) would still remain.
My questions are:
  • Has Plesk updated its repository signing keys to use a stronger algorithm (e.g., RSA-2048 or ECDSA)? If so, where can I find the new key and instructions to add it?
  • If not, are there plans to update the keys soon? The weak algorithm warning is a security concern, and I’d like to ensure my server remains secure.
  • Are there alternative repositories or mirrors that use updated keys?
  • How do I run an actual update of this and fix the issue on the Ubuntu 24.04 LTS server?
I’d really appreciate any help or updates from the Plesk team or community members who have encountered and resolved this issue. Thanks in advance for your assistance!

Best regards,

LionKing
 
You must log in or register to reply here.

Similar threads

Daveo
Issue Ubuntu upgrade from 22.04 to 24.04 getting issue with key algorithms
Replies
2
Views
339
Daveo
Daveo
J
Resolved PUM error persists....
Replies
13
Views
680
Jeroentje
J
K
Issue Apt update warning weak algorithm (dsa1024)
Replies
4
Views
2K
learning_curve
learning_curve
W
Issue Atomicorp repository - Debian 11 - NO_PUBKEY
Replies
2
Views
277
websb
W
learning_curve
Issue Plesk updates when running Ubuntu 24.04.1 LTS - Possible Installer Plesk bug?
Replies
2
Views
1K
learning_curve
learning_curve
Back
Top