In an existing EJBCA instance [ version 4.0.6 ] on a Solaris environment.
I am migrating all the CA's and End entities to use SHA256 as the signature algorithm and have done that successfully.
However , when i try to do the same for the AdminCA1 CA , there is no profile for it and hence renewal only results in a certificate with SHA1 as signature algorithm.
I am unable to find instructions regarding how this can be done.
Is this possible by any means or is AdminCA1 fixed and can be renewed only with the original keysize and algorithm with which it was created ?
You can change both profile and signature algorithm on a CA. Check the "ejbca.sh ca" CLI command.
PrimeKey Solutions offers commercial EJBCA and SignServer support subscriptions and training courses. Please see www.primekey.se or contact email@example.com for more information.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.