SHA256 Support with Java
When using Java 1.7 the explicit use of TLS1.1 or TLS1.2 is required. In order to support this the following parameters must be passed to the JRE to support these protocols:
1. If you experience handshake failures please validate TLS1 is not being used by running your tests with the following parameter
2. If you are not using java 7U85 you will need to ensure that the Comodo "UserTrust RSA Ceritication Authority" certificate is trusted by your java keystore.
List Trusted CA Certs (use your path to your local CA certificate locations):
keytool -list -v -keystore /usr/lib/jvm/java-1.7.0-openjdk-22.214.171.124.x86_64/jre/lib/security/cacerts
Download the pem and import the new CA into Trusted Certs:
keytool -import -trustcacerts -file /path/to/ca.pem -alias CA_ALIAS -keystore /usr/lib/jvm/java-1.7.0-openjdk-126.96.36.199.x86_64/jre/lib/security/cacerts