10-21-2014 10:45 PM - edited 03-10-2019 12:18 AM
Hi
When you enable http secure server on a cisco device, it generates 1024 rsa keys. Is it possible to generate 2048 bits keys for https? I don't want to request an authority certificate.
We want to do this on a 3850 switch with 3.3.4SE IOS.
Thanks
10-22-2014 06:59 PM
You can generate an extra RSA-keypair for that:
crypto key generate rsa label HTTPS-KEY modulus 2048
crypto pki trustpoint YOUR-TRUSTPOINT
rsakeypair HTTPS-KEY
ip http secure-trustpoint YOUR-TRUSTPOINT
10-22-2014 06:59 PM
Thanks Karsten
Can I configure a trustpoint with just a switch? I mean no servers, official certification entities, applications.... just commands on one single switch?.
Thanks for you help.
10-23-2014 09:36 PM
Oh... now I understand you included the trustpoint configuration. Sorry >.<
Thanks again.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide