How can I create a Certificate Request Signed by a different algoritm than my private key?

Solution Verified - Updated -

Issue

  • Need to be able to generate a cert request using an *existing* key (i.e. the root's existing private key) that is signed by something other than the default MD5 algorithm
  • If the java GUI is used to create a request (pretend the cert is a subordinate CA so the GUI presents a request rather than
    automatically signing it itself), the request is MD5
  • If certutil is used do the same thing, it comes out as SHA-1
  • Cannot find any option in certutil to use an arbitrary signature algorithm (e.g. SHA-256).

Environment

  • Red Hat Certificate System 8
  • Red Hat Enterprise Linux 5

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content