Certificate Management on Cisco VPN 3000 Concentrator

a.medusei
Level 1

Hi,

I need to install certificates on Cisco VPN 3000 Concentrator.

The problem is I've a root CA Certificate of 4096 and I can't import it.

Anyone know how I can solve this problem?

Any suggestion?

2 Replies

gfullage
Cisco Employee

The VPN3000 does not currently support cert sizes of 4096 unfortunately. Cert processing is done on HW and the HW doesn't support it at this time.

shawnmchenry
Level 1

We just went through this...

According to Cisco you have two choices:

(1) Await the next round of VPN products that will support CA root certificates generated with a 4096-bit key.

(2) Scrap your existing CA infrastructure and start over by generating a CA root certificate using a 2048-bit key. This is what we ended up doing. We revoked 30K certificates, rebuilt our CA servers and started over.