I am currently testing the WEB enrollment features (https://<CA-instance-name>:<port>/ca/ee/ca) using the IE as well as the FireFox browsers. When requesting a Dual-Use certificate (Certificate Profile - Manual User Dual-Use Certificate Enrollment) I have the choice of invoking use of smart-cards / hard-tokens via a CSP or a PKCS#11 crypto provider.

 

However, the keys generated always defaults to RSA 1024 bit! Has anyone found the place to modify/configure the DogTag Certificate Request WEB pages to default to (or enable selection of) other key-sizes e.g. 2048 bits?

 

E. Hansen @ SPYRUS