Hi Joost,
this is a long shot but it may be useful for you. I disassembled jar that implements keystore for Java AS. You can find Jave code there like
if (signKey.getAlgorithm().equals("DSA"))
algorithmID = AlgorithmID.dsaWithSHA;
else if (signKey.getAlgorithm().equals("DH"))
algorithmID = AlgorithmID.dhKeyAgreement;
else {
algorithmID = AlgorithmID.sha1WithRSAEncryption;
}
So it seems to me that it has a hard coded algorithm that is used for hashing. This is from 7.31 system. I don't have access to 7.11 to check if has hard coded md5 instead of sha1. But it looks to me that there is no option how to control this. Hence the only way how to switch to sha1 seems to be upgrade of Java AS.
Cheers