04-01-2013 11:55 AM
Hello all,
I apologize if the answer is already posted here.
Trying to generate a certificate that uses a 2048 bit.
Going through the UI, there is no option to define the bit and it generates a 1024 bit key.
Looked at the CLI certconfig and the option there was to paste the PEM content.
Async OS 7.5.0-833.
Any help is appreciated.
Thanks
Paul
Solved! Go to Solution.
04-03-2013 10:17 AM
Paul,
There is currently no way to generate keys other than 1024 bit keys. It is a feature request with the current bug id's.
CSCzv70884 - [Feature Request] Support Generating 2048bit Certificates in HTTPS Proxy
Christian Rahl
Customer Support Engineer
Cisco Web Content Security Appliance
Cisco Technical Assistance Center RTP
04-01-2013 12:23 PM
Paul,
I haven't found any docs where you can specify to create a 2048 bit key. I think your best bet is to get a copy of OpenSSL, create your own key and CSR, and send that to the CA, and then upload the key and cert to the WSA...
Ken
04-03-2013 10:17 AM
Paul,
There is currently no way to generate keys other than 1024 bit keys. It is a feature request with the current bug id's.
CSCzv70884 - [Feature Request] Support Generating 2048bit Certificates in HTTPS Proxy
Christian Rahl
Customer Support Engineer
Cisco Web Content Security Appliance
Cisco Technical Assistance Center RTP
04-03-2013 12:02 PM
Thanks Ken, Christian!
The problem is that few sites if any support 1024 bit keys anymore. Entrust and Thawte do not.
We used OpenSSL to generate the CSR and will try and bind to WSA. Never tried that before so hoping it was not a waste of time and money.
Thanks again Ken and Christian!!
Paul
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: