@nick-charles I will (again) explain the solutions that I suggested in the other thread and in my previous comment, hopefully you and other people will benefit from this (new) answer which I hope will be clear enough to allow you/them to resolve this issue once and for all.
Important !!!
There are two solutions for this issue, the first option is the best one because it will affect any other software installed in that server and you will not have to deal with this error any time in the future (unless you migrate to another server). The second option that I will offer is only for the Sucuri plugin, so if you want to solve the issues with other extensions (aka. Wordfence or any other) you will have to either use the first solution or contact the respective plugin developer(s).
First Solution (best)
There are too many things that I need have to explain about SSL in order to understand the real problem that we are trying to resolve here, if you understand the basic concepts about TLS then continue reading, if not I suggest you to ask your hosting provider for assistance.
There are some forums on Internet with an explanation of the cause of this error [1], this is generated because the version of OpenSSL installed in the server is too old and/or was not compiled with support for certificates signed with a specified encryption, in most cases “sha256WithRSAEncryption”. Actually the error may be generated by many other things but I do not have time to explain every possible case.
The Sucuri plugin as well as many other extensions prefer to establish a secure connection with their API services because… Well, there are many reasons and I am not going to discuss them here, the requests are being sent to “https://[…%5D/” and OpenSSL is involved in this operation, that is all what you need to know.
So the best solution is to upgrade OpenSSL to a version that comes with support for the encryption mentioned in the error message, or at least the one that I mentioned above. Or simply modify the code to prefer the “http” version of the API service(s) but you will have to deal with “Man In The Middle” attacks among other things by yourself.
Second Solution (worst)
If you do not have direct access to the server where your website is being hosted, or your hosting provider do not want to provide support to help resolve this issue, or you just do not want to spend much time troubleshooting this, then go to the Sucuri plugin’ settings page and change the value of the option “API request with SSL” as I explained in my previous comment.
Note that this will only help to hide the warnings in the Sucuri plugin, the errors will still be triggered by OpenSSL if you try to use it with the wrong configuration in other script, other plugins, other themes, or other software installed in that server.
Conclusion. I do not want to deal with these messages anymore, so for the next version of the plugin I will default all the HTTP requests to be sent to the “http” version of the API service instead of the secure version, this is not the best decision but at least no more tickets about SSL issues will be posted here, that way I can spend time writing code to add new features instead of respond to support tickets.
