ACS 4.1 cert issue (2048bit?)

Answered Question
Aug 7th, 2008
User Badges:

I am trying to install a .p7b cert on our ACS, I get 'Certificate file is in invalid or unsupported format.'

I know 2048bit certs were not supported in 3.3, is that still the case?

Correct Answer by Scott Fella about 8 years 11 months ago

Yes it is still the case. Look at this doc and do a seach for Key Size-1024**


The doc states:


Note: The Windows 2003 Enterprise CA allows key sizes greater than 1024. But, the use of a key larger than 1024 does not work with PEAP. Authentication might appear to pass in ACS, but the client just hangs while it attempts authentication.


http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Scott Fella Thu, 08/07/2008 - 19:38
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Yes it is still the case. Look at this doc and do a seach for Key Size-1024**


The doc states:


Note: The Windows 2003 Enterprise CA allows key sizes greater than 1024. But, the use of a key larger than 1024 does not work with PEAP. Authentication might appear to pass in ACS, but the client just hangs while it attempts authentication.


http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a0080545a29.shtml

Actions

This Discussion

 

 

Trending Topics - Security & Network