AutoSys Workload Automation

  • Private Community
 View Only

  • 1.  WCC certificate. MD5 not allowed how to use hash SHA2?

    Posted Feb 26, 2019 06:28 AM

    Hi,

     

    I need to renew a certificate for WCC 11.4SP5. I am running java version "1.7.0_171"

     

     

    I am following instruction on https://docops.ca.com/ca-workload-automation-ae/11-4-2/en/securing/customize-ssl-for-web-services 

     

    but the certificate resulting is using HASH MD5 which is not allowed by our security team. It has to be used SHA2 so I run 

     

    keytool -genkey -alias tomcat -keysize 2048 -keystore .keystore  -validity 14600 -storepass changeit -dname "CN=autosys.com, OU=Batch Services, O=DT, L=EMEA, ST=France, C=FR" -keyalg SHA256withRSA 

     

    but certificate is still using MD5.

     

    do you know the procedure to get a certificate using SHA2?

     

    thakns

    José



  • 2.  Re: WCC certificate. MD5 not allowed how to use hash SHA2?

    Posted Feb 27, 2019 03:00 AM

    Hi,

     

    I had a live session with CA and the problem was I was using a non updated java version.The right command to use the right hash is.

     

    cd to most updated keytoll directory

    keytool -genkey -alias tomcat  -keysize 2048 -keystore .keystore  -validity 14600 -storepass changeit -sigalg SHA256withRSA -keyalg RSA

     

    thanks

    José



  • 3.  Re: WCC certificate. MD5 not allowed how to use hash SHA2?

    Broadcom Employee
    Posted Feb 27, 2019 09:10 AM

    Hi Jose,

    Thanks for your update on resolving the issue.  You can see this link for creating the SHA256 signed certificate.

     

    Thank you,

    Nitin Pande

    Broadcom