SHA-1 may have been removed from JSS:
https://github.com/dogtagpki/jss/pull/950
On Mon, Apr 8, 2024 at 1:01 PM Marc Sauton wrote:
> you may need to change the system's cryptographic policies to either
> "LEGACY" or "DEFAULT:SHA1", as SHA-1 has been deprecated:
>
> update-crypto-policies --set
you may need to change the system's cryptographic policies to either
"LEGACY" or "DEFAULT:SHA1", as SHA-1 has been deprecated:
update-crypto-policies --set DEFAULT:SHA1
reboot and test again
see:
man update-crypto-policies
man crypto-policies
doc link:
3.3. Setting up system-wide cryptographic
Dear colleagues,
Dogtah version - 11.8.4, a lot of old cisco devices should be supported, and we
got this message on pkic-tomcat server when
tried to
(configure) crypto pki enroll PKI.LVM
2024-04-08 18:18:37 [http-nio-8080-exec-17] SEVERE: Servlet.service() for
servlet [caDynamicProfileSCEP]
Dear colleagues,
Dogtag version - 11.8.4, a lot of old cisco devices should be supported, and we
got this message on pkic-tomcat server when
tried to
(configure) crypto pki enroll PKI.LVM
2024-04-08 18:18:37 [http-nio-8080-exec-17] SEVERE: Servlet.service() for
servlet [caDynamicProfileSCEP]
Dear colleagues,
Dogtag version - 11.8.4, a lot of old cisco devices should be supported, and we
got this message on pkic-tomcat server when
tried to
(configure) crypto pki enroll PKI.LVM
2024-04-08 18:18:37 [http-nio-8080-exec-17] SEVERE: Servlet.service() for
servlet [caDynamicProfileSCEP]