CSR generated by keytool is not acceptable by Network Solutions

Question

When submitting CSR on the esteemed site Network Solutions I get an error message The CSR provided uses an unsupported signature algorithm. Supported algorithms are: md5withrsa, sha1withrsa, oid 1.2.840.113549.1.1.4, oid 1.2.840.113549.1.1.5. The command I am using is below and not sure why there are not accepting it when this is exactly what they have listed on their site and on Apache Tomcat site

keytool -genkey -keyalg RSA -alias tomcat -keystore domain_keystore.jks -keysize 2048

Followed by the command to generate CSR

keytool -certreq -alias tomcat -file domain_keystore.csr -keystore domain_keystore.jks 

When I use openssl to generate key it gets accepted by Network Solutions. But some how I cannot get it to run with tomcat :(

openssl req -nodes -newkey rsa:2048 -keyout www_website_com.key -out www_website_com.csr

Exhausted and need help in installing thrid party certificate on Mac + Tomcat

Answer 1

You can use the -sigalg option to specify a signature algorithm to use with keytool -certreq.

keytool -certreq -sigalg sha1withrsa -alias tomcat -file domain_keystore.csr -keystore domain_keystore.jks