Hi,
I don't seem to be able to regenerate the certificates. We're going from 9.60 to 9.70 and need to regen certs. They are also outdated.
So. I want to do the self-sign thingy the most simple way. Server, Loadbalanced Server and Web-tier, nothing else.
It seems I'm stuck at the very first step
- Exporting the private root CA key
38410000:error:0308010C:digital envelope routines:inner_evp_generic_fetch:unsupported:crypto\evp\evp_fetch.c:354:Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()
I don't get it. Should I get rid of some certs first? Where is this RC2-40-CBC comming from. In set-params I have the following:
set CA_KEY_OPTS=-keyalg RSA -keysize 2048
set CERT_KEY_OPTS=-keyalg EC -keysize 256
I already tried with JRE 1.7 x86 and 1.6 x64 as well. No idea what I should try next. Support refuses to help, they say certificates aren't their scope. Partner is not willing to create "local" certs, we should deal with it. Last time I did this it was 10 years ago.
Please help.
BR,
Dávid