Keytool keeps giving SHA256 sigalg instead of requested alg
I am using Keytool in java to generate a keystore/CSR to submit to a certificate Authority.
My CA only supports MD5withRSA and SHA1withRSA
Everytime I use keytool to create the keystore and export the CSR I am getting a SHA256withRSA signature Algorithm.
I've tried manually setting the -sigalg but it keeps going to sha256 everytime whether i try to set it to md5 or sha1
Can someone advise me on what I'm doing wrong
keytool -genkey -alias server -keyalg RSA -sigalg SHA1withRSA -keysize 2048 -keystore www_mydomain_com.jks -dname "CN=www.mydomain.com,OU=it, O=mycompany, L=thecity, ST=thestate, C=US" && keytool -certreq -alias server -file www_mydomain_com.csr -keystore www_mydomain_com.jks
keytool -genkey -alias server -keyalg RSA -sigalg MD5withRSA -keysize 2048 -keystore www_mydomain_com.jks -dname "CN=www.mydomain.com,OU=it, O=mycompany, L=thecity, ST=thestate, C=US" && keytool -certreq -alias server -file www_mydomain_com.csr -keystore www_mydomain_com.jks
Both commands create a csr that shows SHA256withRSA
Answer
You should add -sigalg SHA1WithRSA parameter to the second keytool call, where CSR is actually generated.