Re: Problem with wallet manager - wrong signature algorithm

On Jul 2, 6:50 pm, Andreas Werner <i..._at_awit.biz> wrote:
> Hi,
>
> I´ve a problem with the certification request. My certificate authority
> rejected it with comment "MD5 Signature Algorithm Detected,Please change
> the signature algorithm to SHA1 or better, create a new CSR and try it
> again!"
>
> I can´t find any solution to change this in the oracle wallet manager.
>
> Any ideas?
> Thanks!
>
> Andy

[Quoted] You can try to use OpenSSL to generate the CSR. To do this, you first need to generate a CSR in OWM (this will also create a keypair.) You then use

openssl pkcs12 -in your_wallet.p12 -nodes -out your_wallet.pem

to break the wallet into PEM-encoded components. -nodes instructs OpenSSL to skip encryption of the private key. Next you extract the private key from your_wallet.pem (copy and paste it into a separate file) and use

openssl req -new -key your_privkey.key -out somesite.csr

OpenSSL will prompt you for request attributes, just enter the same data you entered when creating CSR in OWM. OpenSSL uses SHA-1 in CSRs by default, so this CSR should be accepted by your CA.

Finally, import the signed certificate into the wallet.

I believe this should do the trick. Please post back whether you will succeed or not with this approach.

Hth,

   Vladimir M. Zakharychev Received on Thu Jul 08 2010 - 07:14:29 CEST