Re: [Pki-users] How do I issue 2048-bit RSA certificates to End Entity users?
Ebbe Hansen wrote:
I am currently testing the WEB enrollment features
(https://<CA-instance-name>:<port>/ca/ee/ca) using the IE as well as
the FireFox browsers. When requesting a Dual-Use certificate
(Certificate Profile - Manual User Dual-Use Certificate Enrollment) I
have the choice of invoking use of smart-cards / hard-tokens via a CSP
or a PKCS#11 crypto provider.
However, the keys generated always defaults to RSA 1024 bit! Has
anyone found the place to modify/configure the DogTag Certificate
Request WEB pages to default to (or enable selection of) other
key-sizes e.g. 2048 bits?
E. Hansen @ SPYRUS
------------------------------------------------------------------------
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
The CRMF generation requests come from a template file call
ProfileSelect.template in the directory <install-root>/weapps/ca/ee/ca.
Search for the "generateCRMFRequest" string in the file and you will
find the key size 1024 that you can modify.
Hope this helps.
Christina