in new Chrome browser ver.45 we faced a problem with opening SDP through HTTPS with self-signed certificate, because since that version (and as Chrome projects page states, that it may be backported to earlier versions too) only keys of 1024-bit or bigger and strictly with DHE RSA accepted.

Does anybody has an idea, how to renew certificates to met new requirements? It is obvious about required length, but is it possible to create certificate with DHE by standart keytool? 

Or maybe there is another way, a workaround?

Give us an advise, please.