I didn’t get you since as far as I understand you will not generate certificates that use the SHA1withRSA signature algorithm but after conducting several tests, I discovered that you can achieve your goal by specifying the appropriate Signature Schemes that can be used over the TLS protocol.
-Djdk.tls.server.SignatureSchemes=rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pss_rsae_sha256,rsa_pss_rsae_sha384 -Djavax.net.ssl.SSLParameters.setSignatureSchemes=rsa_pkcs1_sha256,rsa_pkcs1_sha384,rsa_pss_rsae_sha256,rsa_pss_rsae_sha384
You can find the list of Signature Schemes available at Java Security Standard Algorithm Names
Please ensure that you evaluate the proposed solution within the context of your own risks and assumptions, as I have not conducted extensive testing on it.
Kind regards,
Diego from HiveMQ Team