Comprar ou Renovar
Comprar ou Renovar
cancelar
Activar sugestões
A sugestão automática ajuda-o a especificar os resultados de pesquisa sugerindo-lhe correspondências enquanto escreve.
Mostrar resultados para 
Pesquisar em vez de 
Queria dizer: 
cancel
Iniciar uma conversa
376
Apresentações
0
Útil
1
Respostas

CMS Key Length

Marcelo Bergamini
Level 1
Level 1

em ‎12-03-2024 05:21 AM

Hi everyone.

We are deploying a CMS cluster and need to generate certificates for our CA teams to sign.

Generating the certificates from the CMS gives us a CSR with a key length of 2048 and our CA team asks for a key length of 4096.

Is there a way to change the key length via CMS cli?

Rótulos:
0 Útil
1 RESPOSTA 1

Nadav
Level 7
Level 7

em ‎03-16-2025 08:06 AM

Hi,

Unfortunately CMS doesn't allow to supply key size as an attribute for CSR.

You need to create your own CSR outside of CMS MMP with whatever attributes you want. For example, you could use a Windows domain-joined workstation to create a CSR, issue the certificate with exportable private key, then split the public cert and the private key into distinct files. Once that's done upload the two files to your CMS.

Take a look at Appendix A of this guide:

https://www.cisco.com/c/dam/en/us/td/docs/conferencing/ciscoMeetingServer/Deployment_Guide/Version-3-10/Certificate-Guidelines-for-all-Deployments-3-10.pdf 

It's important that the files you upload to CMS aren't password protected, otherwise they key can't be matched to the certificate. Make sure to make user of "pki match <key> <cert>" to verify it works well. 

 

0 Útil
Customers Also Viewed These Support Documents