Rajavel
Reputation: 11
Need help for generating the GEO trust certificate
When a security scan is done, we got the a violation mentioned as SSL Weak Cipher Suite Encryption Algorithm Key Length Supported. The resolution suggested is "Disable cipher suites that support less than a 128-bit encryption algorithm key length. Reconfigure the affected application to use a high-grade encryption cipher suite". We are using the following command to generate the CSR which is used as input for generating the GEO trust certificate. Can you please help us get the issue sorted out.
keytool -genkey -alias confluence-a -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -keypass ******* -storepass '*****' -keystore /home/confluence-a.keystore
keytool -keystore /home/confluence-a.keystore -certreq -alias confluence-a -keyalg RSA -sigalg SHA256withRSA -keysize 2048 -keypass ****** -storepass '******' -file /home/confluence-a.csr
Upvotes: 0
Views: 29
Answers (1)
user207421
Reputation: 310980
You are confused. The key used by the cipher suite has nothing to do with the certificate. You need to look at the API for SSLSocket and friends.
Upvotes: 1
Related Questions
- what are the steps to create self-signed certificate in tomcat?
- Can I generate CSR using java keytool on Computer 1, and use that keystore on Computer 2?
- Using BKS with keytool resulting in Failed to establish chain from reply
- How to generate trusted self signed certificate with SHA2 signing algorithm using keytool?