Go 1.18 rejects certificates signed with SHA-1 by default
As noted in Go 1.18 release notes, support for x509 certificates signed with SHA-1 is disabled by default.
It is possible to temporarily revert back to the old behaviour by setting an environment variable, but it will not be possible with Go 1.19 (for evident security reasons).
In reaction, we must:
- Keep the support for SHA-1 signed certificates for compatibility reasons until go 1.19 is released
- Log a deprecation warning if a SHA-1 signed certificate is used and added
- Document the deprecation and the end of support for those certificates in a future release