alive4ever:

This bug report is related to FS#512

On LEDE snapshot, one needs to install LUCI to access web interface. For encrypted web interface access, TLS is needed. There are two packages providing TLS protected web interface: luci-ssl and luci-ssl-openssl.

luci-ssl depends on px5g, which is provided by either px5g-mbedtls or px5g-standalone. Without mentioning px5g backend when installing luci-ssl, px5g-standalone is pulled to satisfy luci-ssl dependency.

Sadly, px5g-standalone only generates sha1-signed certificate, which has been obsolete on 2017.

px5g-standalone should generates sha256-signed certificate to continue providing px5g dependency. If this cannot be achieved, I suggest px5g-standalone package removal and just rely on px5g-mbedtls for px5g dependency.