ORAPKI Tool Not Generating Certificate Request With Sha256 (Doc ID 2216288.1)

Last updated on DECEMBER 22, 2016

Applies to:

Oracle Security Service - Version 11.2 and later
Information in this document applies to any platform.
orapki version is 11.1.1.7.0
orapki command is executed on OEM application server of version 12.1.0.5

Symptoms

orapki utility is not exporting the certificate request with sha256 signing algorithm.

The following command was executed to add certificate request to the oracle wallet :
/u01/app/oraem/em12.1.0.5/oracle_common/bin/orapki wallet add -wallet /u01/app/wallets -dn "default_md=sha256 default_bits=2048 CN=xxxx.com, OU=xxxxxxx, O=xxxx, L=xxxx, ST=xxxx, C=US" -sign_alg sha256 -keysize 2048 -pwd xxxx

The below orapki command to export the certificate request is not failing. But orapki command is NOT exporting the request in sha256 format. It is exporting in default md5.
/u01/app/oraem/em12.1.0.5/oracle_common/bin/orapki wallet export -wallet /u01/app/wallets -dn "CN=xxxx.com, OU=xxxxxxx, O=xxxx, L=xxxx, ST=xxxx, C=US" -request /u01/app/oraem/pki/certreq.csr


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms