08-13-2014 12:09 PM - edited 03-11-2019 09:37 PM
I have a customer that is using an ASA 5515 and they are requesting the certificate for the webVPN to be changed to use 2048 bits for the Public Key. They didn't purchase or install a cert on this firewall so it is just using the default cert that was already installed and it used 1024 bits for the public key. Is there a way to change that to 2048 without having them purchase a new cert? Any help would be greatly appreciated. Thanks!
Solved! Go to Solution.
08-13-2014 02:14 PM
Yes - first generate a new RSA key (making sure to specify 2048-bit key length) and then a new self-signed certificate using that key. Change the binding of your outside interface to tie to that newly created certificate.
After doing that, your users should see the 2048-bit key usage in the SSL certificate. I've been setting up ones I do like that lately and can confirm it works. See screen shot below.
08-13-2014 02:14 PM
Yes - first generate a new RSA key (making sure to specify 2048-bit key length) and then a new self-signed certificate using that key. Change the binding of your outside interface to tie to that newly created certificate.
After doing that, your users should see the 2048-bit key usage in the SSL certificate. I've been setting up ones I do like that lately and can confirm it works. See screen shot below.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: