I need to renew a certificate for WCC 11.4SP5. I am running java version "1.7.0_171"
I am following instruction on https://docops.ca.com/ca-workload-automation-ae/11-4-2/en/securing/customize-ssl-for-web-services
but the certificate resulting is using HASH MD5 which is not allowed by our security team. It has to be used SHA2 so I run
keytool -genkey -alias tomcat -keysize 2048 -keystore .keystore -validity 14600 -storepass changeit -dname "CN=autosys.com, OU=Batch Services, O=DT, L=EMEA, ST=France, C=FR" -keyalg SHA256withRSA
but certificate is still using MD5.
do you know the procedure to get a certificate using SHA2?
I had a live session with CA and the problem was I was using a non updated java version.The right command to use the right hash is.
cd to most updated keytoll directory
keytool -genkey -alias tomcat -keysize 2048 -keystore .keystore -validity 14600 -storepass changeit -sigalg SHA256withRSA -keyalg RSA
Thanks for your update on resolving the issue. You can see this link for creating the SHA256 signed certificate.