diff --git a/README b/README
index 809768433..81c4700f2 100644
--- a/README
+++ b/README
@@ -711,8 +711,11 @@ additional web apps and OpenID on CentOS:
                    --serveralias_clause='ServerAlias' --alias_field=email \
                    --dhparams_path=~/certs/dhparams.pem \
                    --daemon_keycert=~/certs/combined.pem \
+                   --daemon_keycert_sha256='FILE::/etc/httpd/MiG-certificates/combined.pem.sha256' \
                    --daemon_pubkey=~/certs/combined.pub \
                    --daemon_pubkey_from_dns=True \
+                   --daemon_pubkey_md5='FILE::/etc/httpd/MiG-certificates/combined.pub.md5' \
+                   --daemon_pubkey_sha256='FILE::/etc/httpd/MiG-certificates/combined.pub.sha256' \
                    --signup_methods="extoid migoid migcert extoidc" \
                    --login_methods="extoid migoid migcert extoidc" \
                    --distro=centos --skin=migrid-basic \
@@ -811,8 +814,11 @@ local OpenID login and added Jupyter+cloud integration for data analysis:
                    --serveralias_clause='#ServerAlias' --alias_field=email \
                    --dhparams_path=~/certs/dhparams.pem \
                    --daemon_keycert=~/certs/combined.pem \
+                   --daemon_keycert_sha256='FILE::/etc/httpd/MiG-certificates/combined.pem.sha256' \
                    --daemon_pubkey=~/certs/combined.pub \
                    --daemon_pubkey_from_dns=True \
+                   --daemon_pubkey_md5='FILE::/etc/httpd/MiG-certificates/combined.pub.md5' \
+                   --daemon_pubkey_sha256='FILE::/etc/httpd/MiG-certificates/combined.pub.sha256' \
                    --signup_methods="extoid migoid extcert extoidc" \
                    --login_methods="extoid migoid extcert extoidc" \
                    --distro=centos --skin=erda-ucph-science \
@@ -997,8 +1003,11 @@ https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
                    --serveralias_clause='#ServerAlias' --alias_field=email \
                    --dhparams_path=~/certs/dhparams.pem \
                    --daemon_keycert=~/certs/combined.pem \
+                   --daemon_keycert_sha256='FILE::/etc/httpd/MiG-certificates/combined.pem.sha256' \
                    --daemon_pubkey=~/certs/combined.pub \
                    --daemon_pubkey_from_dns=True \
+                   --daemon_pubkey_md5='FILE::/etc/httpd/MiG-certificates/combined.pub.md5' \
+                   --daemon_pubkey_sha256='FILE::/etc/httpd/MiG-certificates/combined.pub.sha256' \
                    --daemon_show_address=sif-io.erda.dk \
                    --signup_methods="extoid migoid" \
                    --login_methods="extoid migoid" \
diff --git a/mig/install/migcheckssl-template.sh.cronjob b/mig/install/migcheckssl-template.sh.cronjob
index 5e8733b8e..972e3785c 100755
--- a/mig/install/migcheckssl-template.sh.cronjob
+++ b/mig/install/migcheckssl-template.sh.cronjob
@@ -42,6 +42,7 @@ server_key_crt_ca_pem="${domain_cert_path}/server.key.crt.ca.pem"
 combined_pem="${domain_cert_path}/combined.pem"
 combined_pem_sha256="${combined_pem}.sha256"
 combined_pub="${domain_cert_path}/combined.pub"
+combined_pub_md5="${combined_pub}.md5"
 combined_pub_sha256="${combined_pub}.sha256"
 dhparams_pem="${cert_base}/dhparams.pem"
 # use git latest or release version of getssl
@@ -122,7 +123,10 @@ if [[ ${verbose} -eq 1 ]]; then
     echo "server_key_crt_ca_pem: ${server_key_crt_ca_pem}"
     echo "dhparams_pem: ${dhparams_pem}" 
     echo "combined_pem: ${combined_pem}"
+    echo "combined_pem_sha256: ${combined_pem_sha256}"
     echo "combined_pub: ${combined_pub}"
+    echo "combined_pub_md5: ${combined_pub_md5}"
+    echo "combined_pub_sha256: ${combined_pub_sha256}"
 fi
 
 # Ensure domain certificate path
diff --git a/tests/fixture/confs-stdlocal/migcheckssl b/tests/fixture/confs-stdlocal/migcheckssl
index 46051bd42..77732ca09 100755
--- a/tests/fixture/confs-stdlocal/migcheckssl
+++ b/tests/fixture/confs-stdlocal/migcheckssl
@@ -42,6 +42,7 @@ server_key_crt_ca_pem="${domain_cert_path}/server.key.crt.ca.pem"
 combined_pem="${domain_cert_path}/combined.pem"
 combined_pem_sha256="${combined_pem}.sha256"
 combined_pub="${domain_cert_path}/combined.pub"
+combined_pub_md5="${combined_pub}.md5"
 combined_pub_sha256="${combined_pub}.sha256"
 dhparams_pem="${cert_base}/dhparams.pem"
 # use git latest or release version of getssl
@@ -122,7 +123,10 @@ if [[ ${verbose} -eq 1 ]]; then
     echo "server_key_crt_ca_pem: ${server_key_crt_ca_pem}"
     echo "dhparams_pem: ${dhparams_pem}" 
     echo "combined_pem: ${combined_pem}"
+    echo "combined_pem_sha256: ${combined_pem_sha256}"
     echo "combined_pub: ${combined_pub}"
+    echo "combined_pub_md5: ${combined_pub_md5}"
+    echo "combined_pub_sha256: ${combined_pub_sha256}"
 fi
 
 # Ensure domain certificate path