cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1028
Views
0
Helpful
1
Replies

ASA: RSA 4096 for SSL

Hi,

I found this information:

 

2. ASA currently does not support 4096 bit keys (Cisco bug ID CSCut53512) for SSL server authentication. However, IKEv2 does support the use of 4096 bit server certificates on the ASA 5580, 5585, and 5500-X platforms alone.

Is there any changes? Any ASA supports RSA 4096 for SSL by now? Maybe some FPR?

 

Thank for help!

1 Accepted Solution

Accepted Solutions

can you not use the Configure the ssl trustpoint with a certificate that is 2048 bit or less in size.

 

FPR for ASA would have the same limitation.

 

you have Cisco support you can ask for enhancement.

Cisco Bug: CSCub92315 - ASA allows SSL trustpoint with 4096 bit keys - SSL fails to work

please do not forget to rate.

View solution in original post

1 Reply 1

can you not use the Configure the ssl trustpoint with a certificate that is 2048 bit or less in size.

 

FPR for ASA would have the same limitation.

 

you have Cisco support you can ask for enhancement.

Cisco Bug: CSCub92315 - ASA allows SSL trustpoint with 4096 bit keys - SSL fails to work

please do not forget to rate.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: