ACS 4.1 cert issue (2048bit?)

Answered Question
Aug 7th, 2008

I am trying to install a .p7b cert on our ACS, I get 'Certificate file is in invalid or unsupported format.'

I know 2048bit certs were not supported in 3.3, is that still the case?

Correct Answer by Scott Fella about 8 years 6 months ago

Yes it is still the case. Look at this doc and do a seach for Key Size-1024**


The doc states:


Note: The Windows 2003 Enterprise CA allows key sizes greater than 1024. But, the use of a key larger than 1024 does not work with PEAP. Authentication might appear to pass in ACS, but the client just hangs while it attempts authentication.


http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Scott Fella Thu, 08/07/2008 - 19:38

Yes it is still the case. Look at this doc and do a seach for Key Size-1024**


The doc states:


Note: The Windows 2003 Enterprise CA allows key sizes greater than 1024. But, the use of a key larger than 1024 does not work with PEAP. Authentication might appear to pass in ACS, but the client just hangs while it attempts authentication.


http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

Actions

This Discussion

 

 

Trending Topics - Security & Network