I have create a MS CA whit a root Certificate 4096 bit, the result during ca authentication (PIX 515-UR v.6.3.3) is the following:
CRYPTO_PKI: Error: Invalid modulus length in public or private key while
CRYPTO_PKI: WARNING: Unsupported certificate or CRL signature algorithm while ve
rifying self-signed cert signature
CRYPTO_PKI: WARNING: A certificate chain could not be constructed while selectin
g certificate status
CRYPTO_PKI: Error: Code 0x0000 while selecting self signed certificate
CRYPTO_PKI: WARNING: Certificate, private key or CRL was not found while verifyi
ng cert in message by issuer self-signed cert
CRYPTO_PKI: WARNING: A certificate chain could not be constructed while selectin
g certificate status
CRYPTO_PKI: Error: Code 0x0000 while selecting self signed certificate
CRYPTO_PKI: WARNING: Certificate, private key or CRL was not found while verifyi
ng cert in message by issuer self-signed cert
CRYPTO_PKI: WARNING: A certificate chain could not be constructed while selectin
g certificate status
CRYPTO_PKI: Error: Code 0x0000 while selecting self signed certificate
CRYPTO_PKI: WARNING: Certificate, private key or CRL was not found while verifyi
ng cert in message by issuer self-signed cert
CRYPTO_PKI: status = 324: failed to verify
CRYPTO_PKI: transaction GetCACert completed
Crypto CA thread sleeps!
CI thread wakes up!
With modulus 1024 or 2048 don't have problem.
Why? Is a limitation?