https://community.cisco.com/t5/network-security/self-signed-cert/m-p/2520237#M235555 <P>I have a customer that is using an ASA 5515 and they are requesting the certificate for the webVPN to be changed to use 2048 bits for the Public Key. They didn't purchase or install a cert on this firewall so it is just using the default cert that was already installed and it used 1024 bits for the public key. Is there a way to change that to 2048 without having them purchase a new cert? Any help would be greatly appreciated. Thanks!</P> Tue, 12 Mar 2019 04:37:52 GMT Benjamin Saito 2019-03-12T04:37:52Z https://community.cisco.com/t5/network-security/self-signed-cert/m-p/2520237#M235555 <P>I have a customer that is using an ASA 5515 and they are requesting the certificate for the webVPN to be changed to use 2048 bits for the Public Key. They didn't purchase or install a cert on this firewall so it is just using the default cert that was already installed and it used 1024 bits for the public key. Is there a way to change that to 2048 without having them purchase a new cert? Any help would be greatly appreciated. Thanks!</P> Tue, 12 Mar 2019 04:37:52 GMT https://community.cisco.com/t5/network-security/self-signed-cert/m-p/2520237#M235555 Benjamin Saito 2019-03-12T04:37:52Z https://community.cisco.com/t5/network-security/self-signed-cert/m-p/2520238#M235558 <P>Yes - first generate a new RSA key (making sure to specify&nbsp;2048-bit key length) and then a new self-signed certificate using that key. Change the binding of your outside interface to tie to that newly created certificate.</P><P>After doing that, your users should see the 2048-bit key usage in the SSL certificate. I've been setting up ones I do like that lately and can confirm it works. See screen shot below.</P><P><IMG src="https://community.cisco.com/legacyfs/online/media/capture_28.png" class="migrated-markup-image" /></P> Wed, 13 Aug 2014 21:14:50 GMT https://community.cisco.com/t5/network-security/self-signed-cert/m-p/2520238#M235558 Marvin Rhoads 2014-08-13T21:14:50Z