Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Key size for root CA with EAP-TLS

Is there any kind of constraint on the root CA's cert size? The root CA has a Cert of 2048 and it is handing out User,machine and server certs of 1024. I am having issues getting the certs to SSL handshake and was wondering if there is a issue trying to read the root because it has a cert of 2048 .

2 REPLIES
Silver

Re: Key size for root CA with EAP-TLS

I dont think there is any limit on the root CA cert size. But does it work if you use a cert of size 1024?

Community Member

Re: Key size for root CA with EAP-TLS

You clients will hang or fail with any key size over 1024. I had this same issue .... Do you see the Handshake errors in the ACS logs ? If so you are having the same issue.

Reinstall the CA with 1024

350
Views
0
Helpful
2
Replies
CreatePlease to create content