Problem Changing ikeyMan 7.0.4.14

[ste...@synerforteglobal.com]

I am using Ikeyman supplied with IBM HTTP Server 6.1. The problem is that the default signature algorithm is MD5WithSHA. However, I want to implement a signature algorithm of SHA1WithRSA. I tried changing this in the ikeycmd.properties and ikmuser.properties file which I passed on the command line but this doesnt seem to work as the relevant property entry doesnt appear to be picked up. The ikminit.properties is only useful for GUI and I am using the CLI. Please how can I make this change of the default signature algorithm.

[Eric Covener]

gsk7capicmd is much faster, defaults to SHA1, and is pretty close
feature wise by 7.0.4.14. I would discourage from using these tools to
sign certificates as this feature is essentially for test purposes only.

--
Eric Covener

[Eric Covener]

If you have access to IHS 7.0, you can use java/jre/bin/ikeycmd instead
of gsk7cmd, and it understands a new -sig_alg parameter.

Option B is to acquire any IBM Java 6 JRE, add the IBMCMSKS provider to
java.security, and use the bundled ikeycmd or your /bin/gsk7cmd with
JAVA_HOME pointing at the new JRE -- sig_alg will be accepted there as well.

--
Eric Covener