cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
1578
Views
5
Helpful
3
Replies
ccsipaul01
Beginner

Generate CSR public key 2048 bit

Hello all,

I apologize if the answer is already posted here.

Trying to generate a certificate that uses a 2048 bit.

Going through the UI, there is no option to define the bit and it generates a 1024 bit key.

Looked at the CLI certconfig and the option there was to paste the PEM content.

Async OS 7.5.0-833.

Any help is appreciated.

Thanks

Paul

1 ACCEPTED SOLUTION

Accepted Solutions

Paul,

There is currently no way to generate keys other than 1024 bit keys.  It is a feature request with the current bug id's.

CSCzv70884 - [Feature Request] Support Generating 2048bit Certificates in HTTPS Proxy

Christian Rahl

Customer Support Engineer

Cisco Web Content Security Appliance

Cisco Technical Assistance Center RTP

View solution in original post

3 REPLIES 3
Ken Stieers
VIP Advocate

Paul,

I haven't found any docs where you can specify to create a 2048 bit key.  I think your best bet is to get a copy of OpenSSL, create your own key and CSR, and send that to the CA, and then upload the key and cert to the WSA...

Ken

Paul,

There is currently no way to generate keys other than 1024 bit keys.  It is a feature request with the current bug id's.

CSCzv70884 - [Feature Request] Support Generating 2048bit Certificates in HTTPS Proxy

Christian Rahl

Customer Support Engineer

Cisco Web Content Security Appliance

Cisco Technical Assistance Center RTP

Thanks Ken, Christian!

The problem is that few sites if any support 1024 bit keys anymore. Entrust and Thawte do not.

We used OpenSSL to generate the CSR and will try and bind to WSA. Never tried that before so hoping it was not a waste of time and money.

Thanks again Ken and Christian!!

Paul

Create
Recognize Your Peers
Content for Community-Ad