Troubleshooting
Problem
Symptom
![image 9074](/support/pages/system/files/inline-images/image_9074.png)
Cause
Environment
Although the behavior was not seen with Firefox, future versions of Firefox may behave in the same manner.
Diagnosing The Problem
2. Determine the algorithm used in your SSL certificate for connection to the server.
For example,in your http server is it using a certificate created with SHA1withRSA algorithm:
[root bin]# ./gskcmd -cert -details -label sslkeycert -db /opt/IBM/sslkey.kdb
3. If the certificate has a SHA1 algorithm then your certificate has the issue.
Resolving The Problem
1. Create a backup of your existing certificates.
For example, move your existing certificates from /opt/IBM/sslkey* to /opt/IBM/backup/sslkey*
2. Created a new SSL certificate.
For example, in your http server key store, you can use the following commands to create a new certificate that uses the SHA256WithRSA algorithm.
[root bin]# ./gskcmd -keydb -create -db /opt/IBM/sslkey.kdb -pw wasadmin -type cms -stash
[root bin]# ./gskcmd -cert -create -db /opt/IBM/sslkey.kdb -type cms -pw wasadmin -label sslkeycert -dn "CN=<host name>.ibm.com,O=IBM,C=IN" -sig_alg SHA256WithRSA -size 2048 -default_cert yes
3. To verify the new certificate
a. As indicated previously, determine the algorithm used in your SSL certificate and verify that it is not SHA1.
b. Clear your browser's cache or open an incognito window.
c. While connecting to the server, check that the browser does not report an error with the login certificate.
Document Location
Worldwide
Was this topic helpful?
Document Information
Modified date:
01 April 2021
UID
ibm16437745