Allow higher bit CSR for setting up CA certificates XS748T
(I actually have the 48 port model but that wasn't in the drop down list.)
I ran into a problem when trying to get a legitimate (as opposed to self-signed) CA certificate. The CSR that this switch generates is 1024 bit and my CA issuer requires 2048 bits minimum. I would like to request a larger range available for CSR generation so that I can get a good CA certificate for the switch. This could be easily done with a drop down giving the user a choice between 1024, 2048, 4096 etc bits to use in the private key and CSR thusly generated.
I have witnessed other infrastructure become slowly more difficult to access because modern browsers are demanding more stringent standards for the certificates they recognize; I have some PDU's that I literally have to run 2006-era Firefox browsers to get into these days. I don't want to have to deal with this in the future with the switches. If these switches are to be primarily accessed via a web browser without some kind of ssh option, direct console access, or other secure alternative, this seems like an important issue. Browsers are increasingly rejecting self-signed certificates as well.
Here's a link to my original question about this issue:
Thank you for your consideration to this idea/request.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.