Re: [Pki-users] Questions on customizing certificate profiles

Hi @ all, I also tried to change from "SHA1withRSA" to "SHA256withRSA" by editing the config files. No luck! I found, this is hard-coded in the sources, for example in: - pki-common-1.3.2/src/com/netscape/cms/servlet/csadmin/SizePanel.java - pki-common-1.3.2//src/com/netscape/cmscore/security/CASigningCert.java Just look for "SHA1withRSA" in the files, I don't think this are just fallbacks. Best regards, Oli Am Mittwoch, 7. April 2010 03:27:04 schrieb Chandrasekar Kannan: > On 04/06/2010 05:08 PM, Arshad Noor wrote: >> The only option that is visible under Advanced is the key-size >> for each of the certificate-types. The hash algorithm does not >> show up at all. >> >> Even the default, as mentioned by Step 8, is not the default as >> the last 10-12 installs have shown: >> >> * SHA256withRSA (the default) >> >> So, the question is: is the current build of DogTag in the pki >> repository identical to RHCS 8.0 or is it a different version? > It might very well be ... we can look at the svn commits > to be really sure... > >> Arshad Noor >> StrongAuth, Inc. >> >> Chandrasekar Kannan wrote: >>> the installation wizard should provide 'options' under the advanced >>> section for you to be able to select the alg to use. Have you tried >>> doing Step (8) from here ? >>> http://www.redhat.com/docs/manuals/cert-system/8.0/install/html/Configur >>> ing_a_CA.html > _______________________________________________ > Pki-users mailing list > Pki-users(a)redhat.com > https://www.redhat.com/mailman/listinfo/pki-users >