(SM) Support Tip: Ensure keystore is generated with SHA2 hashing and displays ‘SHA256withRSA"

When executing the keytool command to generate keystores with the SHA2 hashing algorithm ensure the command uses both –keyalg and -sigalg parameters. The command should look like this example:

keytool -genkeypair -alias myserver –keyalg RSA –sigalg SHA256withRSA -keystore servercert.keystore

When ‘servercert.keystore’ is created check the Signature Algorithm using the following keytool command using this example:

keytool -list -v -keystore servercert.keystore

In the produced output the following should be seen for Signature Algorithm

Signature algorithm name: SHA256withRSA