You can use the -sigalg
option to specify a signature algorithm to use with keytool -certreq
.
keytool -certreq -sigalg sha1withrsa -alias tomcat -file domain_keystore.csr -keystore domain_keystore.jks
質問
When submitting CSR on the esteemed site Network Solutions
I get an error message The CSR provided uses an unsupported signature algorithm. Supported algorithms are: md5withrsa, sha1withrsa, oid 1.2.840.113549.1.1.4, oid 1.2.840.113549.1.1.5
. The command I am using is below and not sure why there are not accepting it when this is exactly what they have listed on their site and on Apache Tomcat
site
keytool -genkey -keyalg RSA -alias tomcat -keystore domain_keystore.jks -keysize 2048
Followed by the command to generate CSR
keytool -certreq -alias tomcat -file domain_keystore.csr -keystore domain_keystore.jks
When I use openssl
to generate key it gets accepted by Network Solutions
. But some how I cannot get it to run with tomcat :(
openssl req -nodes -newkey rsa:2048 -keyout www_website_com.key -out www_website_com.csr
Exhausted and need help in installing thrid party certificate on Mac + Tomcat
解決
You can use the -sigalg
option to specify a signature algorithm to use with keytool -certreq
.
keytool -certreq -sigalg sha1withrsa -alias tomcat -file domain_keystore.csr -keystore domain_keystore.jks