Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1388
Views
0
Helpful
1
Replies

ASA: RSA 4096 for SSL

Go to solution
Patryk Klaczynski
Level 1
Level 1

‎03-28-2022 11:12 PM

Hi,

I found this information:

 

2. ASA currently does not support 4096 bit keys (Cisco bug ID CSCut53512) for SSL server authentication. However, IKEv2 does support the use of 4096 bit server certificates on the ASA 5580, 5585, and 5500-X platforms alone.

Is there any changes? Any ASA supports RSA 4096 for SSL by now? Maybe some FPR?

 

Thank for help!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni

‎03-28-2022 11:34 PM - edited ‎03-28-2022 11:51 PM

can you not use the Configure the ssl trustpoint with a certificate that is 2048 bit or less in size.

 

FPR for ASA would have the same limitation.

 

you have Cisco support you can ask for enhancement.

Cisco Bug: CSCub92315 - ASA allows SSL trustpoint with 4096 bit keys - SSL fails to work

please do not forget to rate.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Sheraz.Salim
VIP Alumni
VIP Alumni

‎03-28-2022 11:34 PM - edited ‎03-28-2022 11:51 PM

can you not use the Configure the ssl trustpoint with a certificate that is 2048 bit or less in size.

 

FPR for ASA would have the same limitation.

 

you have Cisco support you can ask for enhancement.

Cisco Bug: CSCub92315 - ASA allows SSL trustpoint with 4096 bit keys - SSL fails to work

please do not forget to rate.
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card