My Oracle Support Banner

ODSEE - Steps to Change the Algorithm of Self-Signed Certificate in DS6.x (Windows) (Doc ID 1556727.1)

Last updated on NOVEMBER 29, 2022

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.0 to 6.3.1.1.1 [Release 6.0]
Information in this document applies to any platform.

Goal

On DS6.x, the self-sign cert is created with "PKCS #1 MD5 With RSA Encryption" algorithm by "dsadm add-selfsign-cert" command or DSCC.

But DS6.x DSCC and commands do not provide the functionality to change the algorithm.(*1)

How to change the self-sign cert algorithm on DS6.3?



(*1)DS7.0 or later, 'sigalg' option is added to dsadm add-selfsign-cert command and we can select SHA1, MD5 or SHA256.

* Sun Directory Server Enterprise Edition 7.0 Man Page Reference
dsadm(1M)
http://docs.oracle.com/cd/E19424-01/820-4813/dsadm-1m/index.html
----------------------------------------------------------------------------------------------------------------
dsadm add-selfsign-cert [-i] [-W CERT_PW_FILE] [-S DN] [--phone PHONE] [--email EMAIL] ... [--dns DOMAIN] ... [--validity DURATION] [--keysize SIZE] [--sigalg SIGALG] INSTANCE_PATH CERT_ALIAS

--sigalg SIGALG

  Specifies certificate signature algorithm. The default algorithm is SHA1. The other valid values are MD5 and SHA256.
----------------------------------------------------------------------------------------------------------------

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.