Re: SHA512 Root CA Cert with RSASSA-PSS detected a...

kbogg · ‎03-07-2023

Hi.

I am trying to upload a CA certificate to the trusted root cert in the newest vCenter 8.

The CA cert. is the officielt danish government PKI root, which is a SHA512 Root CA Cert with RSASSA-PSS signature algorithm.

vCenter rejects the certificate with the following generic error:

Error occurred while adding trusted root certificates: com.vmware.vapi.std.errors.Error, Provided certificate using the weak signature algorithm. Please provide the strong signature algorithm certificate

Since the certificate uses only modern strong algorithms I assume the opposite is the issue (it uses "too strong") algoritms?

Shen88 · ‎04-15-2023

Hi @kbogg,

Resetting the Security Token Service (STS) may resolve this issue, please refer this old post below - Error occurred while fetching machine certificates... - VMware Technology Network VMTN

If you think your queries have been answered, Mark this response as "Correct" or "Helpful" and consider giving kudos to appreciate!

Regards,
Shen

All

SHA512 Root CA Cert with RSASSA-PSS detected as week by vCenter