VMware Cloud Community
vadm168
Enthusiast
Enthusiast
‎07-13-2018 03:43 PM

Generating Machine SSL CSR for 4096 bit

VCSA 6.5u2

I'd like to generate a CSR for the VCSA 6.5's Machine SSL and use internal Windows Server Certificate Service to sign it. the CA requires minimum 4096-bit but it looks like the CSR generated by VMware Certificate Manager is 2048-bit. is there a way to change VMware Certificate Manager to genearte 4096 bit CSR?

Thanks,

0 Kudos
1 Reply
RickVerstegen
Expert
Expert
‎07-15-2018 12:56 PM

You are able to change/update the certool.cfg. You can check if there is parameter available for keysize.

VMware Knowledge Base

If there is no parameter available you can use OpenSSL to generate the CSR with a 4096 bit keysize.

Rick

Please consider marking this answer "correct" or "helpful" if you think your query have been answered correctly.

Was I helpful? Give a kudo for appreciation!
Blog: https://rickverstegen84.wordpress.com/
Twitter: https://twitter.com/verstegenrick
0 Kudos