I want my certificates to be SHA256 compliant rather than the original SHA1 that were created during the initial implementation. Specifically my Agent and Server CAs.
Functionality not currently available. This is NOT supported now in the product.
This request has been sent to the Symantec Development team. This request is currently available starting ITMS 8.1 RU2 release. Please use the Certificate Management page (under SMP Console>Settings>All Settings>Notification Server) to replace certificates. Replacement of root certificate is available from certificate management page by replacing root certificate - all CEM agents and gateway will receive new certificate.
Prior to 8.1 RU2, currently the suggestion is to keep them as SHA1 until we provide a method that will upgrade certificates, rather than re-create them. If we try currently to re-create them (Agent and Server CA) as SHA256, those will be new certificates, so previously installed CEM agents will not work. If we try to recreate CA certificates - whole CEM environment will be lost. All CEM clients must be re-installed.