[Pki-users] How do I issue 2048-bit RSA certificates to End Entity users?
Christina Fu
cfu at redhat.com
Mon Jun 23 16:37:55 UTC 2008
Ebbe Hansen wrote:
>
> I am currently testing the WEB enrollment features
> (https://<CA-instance-name>:<port>/ca/ee/ca) using the IE as well as
> the FireFox browsers. When requesting a Dual-Use certificate
> (Certificate Profile - Manual User Dual-Use Certificate Enrollment) I
> have the choice of invoking use of smart-cards / hard-tokens via a CSP
> or a PKCS#11 crypto provider.
>
>
>
> However, the keys generated always defaults to RSA 1024 bit! Has
> anyone found the place to modify/configure the DogTag Certificate
> Request WEB pages to default to (or enable selection of) other
> key-sizes e.g. 2048 bits?
>
>
>
> E. Hansen @ SPYRUS
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Pki-users mailing list
> Pki-users at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-users
>
The CRMF generation requests come from a template file call
ProfileSelect.template in the directory <install-root>/weapps/ca/ee/ca.
Search for the "generateCRMFRequest" string in the file and you will
find the key size 1024 that you can modify.
Hope this helps.
Christina
More information about the Pki-users
mailing list