Problem

-- Business partner's server could not import certificates that were generated to use the sha256 algorithm.

-- By default the self signed certificates generated by Interchange 5.10.0 and higher use the signature algorithm sha256.

Resolution

To resolve this issue create the appropriate self signed certificate. The system default parameter value (crossworks.selfSignedCert.sigAlg ) needs to be temporarily changed from sha256WithRSAEncryption  to sha1WithRSAEncryption for the duration of the generation of the self signed certificate.

The process is as follows:

1. After successful login to http://<server>:6080/ui/, change the address line to http://<server>:6080/ui/core/SystemProperties
2. Find the parameter  "crossworks.selfSignedCert.sigAlg"
3. If the parameter is not seen in the list, click the "Show default system properties" button, locate the property then click "Add Property".
4. Change the value of "crossworks.selfSignedCert.sigAlg" from  sha256WithRSAEncryption to sha1WithRSAEncryption
5. Generate the new certificate. Identify the certificate as SHA1 in the name
6. Change the value of "crossworks.selfSignedCert.sigAlg" from  sha1WithRSAEncryption to sha256WithRSAEncryption
7. In the collaboration settings, create a special collaboration for the partner
8. Check the option to specify the signing certificate to use
9. Select the SHA1 designated certificate from the dropdown
10. Check the option to specify the receipt signing certificate to use
11. Select the SHA1 designated certificate  from the dropdown
12. Send the public key certificate to the partner