I am trying to enroll a root certificate to the box , it is throwing me an error
INFO: Certificate has the following attributes:
Fingerprint: 84e3260b cee31ca9 33dab4cd 770e30b6
Do you accept this certificate? [yes/no]: yes
% Error in saving certificate: status = FAIL
What could be the reason for this?
Root Certificate is what i am trying to install , which is generated from our internal PKI infrastrcutre which is encrypted with 4096 bits key.
Can anyone assist me in this?
The current version of ASA does not support certificate that is encrypted with 4096 bits key.
2048-bit is the maximum at this stage.
issue has been resolved.
ASA 5585 support 4096 bits.
Issue was with the Certificate itself , in that country name is provided in 3 letters. Cisco cannot identify country in three letters it should be 2 letters. Our PKI infrastructure has been rebuilt to generate certificate according to the requirement.
now its working fine :-)
He is installing a root CA which all ASA models support 4096. Just installed an internal root CA cert which was 4096bit on my home ASA5505. I just couldn't generate a CSR from the ASA5505 requesting a cert higher than 2048bit for the ASA itself.