cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1163
Views
4
Helpful
5
Replies

2048 bit Certificate for LMS 3.1

rfuerdauer
Level 1
Level 1

Hello,

has anyone experiences how to use a CA signed 2048bit Certificate for SSL in LMS 3.1.

Per default LMS uses a self signed 1024bit Certificate which is not secure enough for our Security policies.

Thanks a lot

1 Accepted Solution

Accepted Solutions

I had assumed you already had one signed by a CA or local to your organization. If not, you can change the instances of 1024 to 2048 in NMSROOT/MDC/Apache/bin/ConfigSSL.pl and SignTool.pl to generate such a cert.

View solution in original post

5 Replies 5

yjdabear
VIP Alumni
VIP Alumni

Not sure about the 2048-bit part, but LMS can certain use CA certficate, per the documentation: "You can upload Third Party Security Certificates using the SSL Utility Script"

either

http://www.cisco.com/en/US/docs/net_mgmt/ciscoworks_common_services_software/3.1/user/guide/admin.html#wp843846

or

http://(your-lms-hostname-here):1741/help/cmf/sysadmin_self_sign_cert.html

Joe Clarke
Cisco Employee
Cisco Employee

Modulo 2048 certs should be fine. Anything above that will most certainly trigger failures.

That's good, but how can i generate a 2048 cert ?

I've found not hints in SSLUtil.pl or Help.

I had assumed you already had one signed by a CA or local to your organization. If not, you can change the instances of 1024 to 2048 in NMSROOT/MDC/Apache/bin/ConfigSSL.pl and SignTool.pl to generate such a cert.

Thank you very much.

Review Cisco Networking for a $25 gift card