In version 4.5 of the MainWP Dashboard, we introduced the capability to set a custom Signature Algorithm and added PHPSecLib as an alternative to OpenSSL. Both of these options can be set globally for the entire Dashboard or on a per-site basis.
Signature Algorithm
Why the Change?
Previously, MainWP used the SHA1 algorithm to verify signatures. However, as some hosts began updating the OpenSSL library to version 3, we encountered incompatibilities with OpenSSL 1. This is mainly because some hosts, after updating to OpenSSL 3, have disabled SHA1, considering it a legacy option.
To address this, we switched to SHA256, which provides enhanced security and is compatible with both OpenSSL 1 and OpenSSL 3.
When and How to Use?
MainWP now uses SHA256 as the default Signature Algorithm. However, we also provide the option to set a custom Signature Algorithm if you need an alternative to SHA256.
If your Dashboard host doesn’t support a certain SHA, the connection to all sites may fail. To resolve this, navigate to the MainWP Dashboard > Settings > Advanced Settings page and change the OpenSSL signature algorithm to a supported SHA.
Note: Virtually all web hosts should support SHA256, but in the unlikely event they don’t, please contact their support to ask about the SHA signature algorithms they do support.
Also note that signature verification happens after a site is added to the Dashboard. So even if the verification doesn’t work, the site can still be added to the Dashboard. However, synchronization and other actions that require authentication (signature verification) will fail.
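To find out which SHA algorithms a given host supports before changing the setting, the following added example (not MainWP code) signs and verifies a constructed message with each digest using PHP's OpenSSL functions. The function name, the throwaway RSA key and the test message are assumptions made for this illustration.

```php
<?php
// Added diagnostic example (not part of MainWP): report which SHA digests
// this host's PHP OpenSSL build will sign and verify with.
function probe_signature_algorithms(): array
{
    if (!extension_loaded('openssl')) {
        return ['error' => 'PHP openssl extension is not loaded'];
    }
    // Throwaway RSA key pair, used only for this probe.
    $key = openssl_pkey_new([
        'private_key_type' => OPENSSL_KEYTYPE_RSA,
        'private_key_bits' => 2048,
    ]);
    if ($key === false) {
        // Typical on localhost setups where openssl.cnf cannot be located.
        return ['error' => 'key generation failed: '
            . (openssl_error_string() ?: 'unknown error')];
    }
    $public = openssl_pkey_get_details($key)['key'];
    $candidates = [
        'SHA1'   => OPENSSL_ALGO_SHA1,
        'SHA256' => OPENSSL_ALGO_SHA256,
        'SHA384' => OPENSSL_ALGO_SHA384,
        'SHA512' => OPENSSL_ALGO_SHA512,
    ];
    $message = 'constructed test message';
    $results = [];
    foreach ($candidates as $name => $algo) {
        $signature = '';
        // A digest disabled by the host makes signing fail with a warning.
        $signed = @openssl_sign($message, $signature, $key, $algo);
        $verified = $signed
            && openssl_verify($message, $signature, $public, $algo) === 1;
        $results[$name] = $verified ? 'supported' : 'NOT supported';
        // Drain the OpenSSL error queue so failures do not leak into the next round.
        while (openssl_error_string() !== false) {
        }
    }
    return $results;
}

$build = defined('OPENSSL_VERSION_TEXT') ? OPENSSL_VERSION_TEXT : 'n/a';
echo 'OpenSSL build: ' . $build . PHP_EOL;
foreach (probe_signature_algorithms() as $name => $status) {
    printf("%-6s %s%s", $name, $status, PHP_EOL);
}
```

Run it with the same PHP installation that serves the site, since a different PHP build on the same machine may link a different OpenSSL.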
Switching back to SHA1
If, for some reason, you wish to switch back to SHA1 for the entire MainWP Dashboard or only for certain sites, it is necessary to reconnect the existing child sites to the Dashboard. This can be accomplished by navigating to the WP Admin of the Child Sites, deactivating and reactivating the MainWP Child plugin (which will disconnect it from the Dashboard), and then reconnecting the child site in the MainWP Dashboard.
PHPSecLib as Alternative to OpenSSL
Why the Option?
OpenSSL is a widely used software library for applications that secure communications over computer networks. However, in certain scenarios where OpenSSL is not available or is improperly configured on a server, using PHPSecLib may be a viable workaround.
When and How to Use?
PHPSecLib is intended to be used only on servers where OpenSSL is not available or if there are issues with its configuration.
If OpenSSL is properly set up, which would be the case on the majority of web hosts, there is no need to switch to PHPSecLib. However, PHPSecLib is a great alternative if you are setting up a localhost where OpenSSL sometimes has configuration issues, and you would otherwise need to locate the openssl.cnf file and enter its path in the MainWP settings.
Now, the newly added PHPSecLib option resolves that issue in seconds.
Simply navigate to the MainWP Dashboard > Settings > Advanced Settings page and change the Verify connection method to PHPSecLib.
NOTE: If you change the Verify connection method to PHPSecLib for the entire MainWP Dashboard and you already have child sites added to your Dashboard, you will need to re-add them.
To avoid that, you can change the Verify connection method on a per-site basis, as explained in the following chapter.
Per-site settings
Both of these options can be set on a per-site basis. If, for example, a webhost for one of your child sites doesn’t support SHA256, or if you want to use PHPSecLib for that site, you can make these same changes per-site.
Navigate to MainWP Dashboard > Sites > Child Site Overview (of a desired child site) > Edit page. Then look for the two options in the Advanced Settings (Optional) section.