Trying to setup Secure CORBA with custom certificates according to the documentation:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/spectrum/21-2/administrating/oneclick-administration/oneclick-administration-pages.html

Follow the steps and use the OpenSSL tool to generate the certificates, but the generated certificates doesn't work.

While Secure CORBA set up with the default self-signed certificates shipped with the product works fine.

Release : 21.2

Component : Spectrum OneClick

OS : Linux RHEL 8.x 

OpenSSL on RHEL8 (OpenSSL 1.1.1k  FIPS 25 Mar 2021) is not supported.

There is a known limitation with OpenSSL on RHEL 8.x (OpenSSL 1.1.1k  FIPS) due to Java compatibility.

Use OpenSSL tool from RHEL 7.x (OpenSSL 1.0.2k-fips) to create the keystore - this will work fine.

These are the currently tested and working environments for certificates generation with OpenSSL:

-RHEL 7.x with OpenSSL version 1.0.2k-fips.
-Windows Cygwin bash (shipped by Spectrum) with OpenSSL version: 1.0.2n

So for now, until the issue is resolved by Oracle/OpenSSL, customer can
Use Spectrum on Windows platform to generate certs.
Or keep an RHEL 7.x system available (in shutdown state) and use it to generate certificates when needed.

There is a ticket opened with Micro Focus for the component Visibroker. This problem is due to the compatibility issues introduced in OpenSSL 1.1.1x with Java8. OpenSSL 1.1.1x uses PKCS5 Version 2 algorithms and Java is unable to handle this version. So, they recommend to generate the certificates with an older version of OpenSSL until Oracle/OpenSSL address the issue.