[Pki-users] SCEP enrollment

Dear colleagues, Dogtag version - 11.8.4, a lot of old cisco devices should be supported, and we got this message on pkic-tomcat server when tried to (configure) crypto pki enroll PKI.LVM 2024-04-08 18:18:37 [http-nio-8080-exec-17] SEVERE: Servlet.service() for servlet [caDynamicProfileSCEP] in context with path [/ca] threw exception [Couldn't handle CEP request (PKCSReq) - Could not unwrap PKCS10 blob: no such algorithm: SHA1/RSA for provider Mozilla-JSS] Prerequisites: all parameters for SCEP Security was enabled: ca.scep.encryptionAlgorithm=DES3 ca.scep.allowedEncryptionAlgorithms=DES3 ca.scep.hashAlgorithm=SHA1 ca.scep.allowedHashAlgorithms=SHA1,SHA256,SHA512 ca.scep.nickname=Server-Cert ca.scep.nonceSizeLimit=20