Is it a size or allocation issue?
CSCdv48299 If fewer than three spots remain in the CA certificate store of a VPN 3000 Concentrator, and an attempt is made to install a CA certificate with associated RAs, then the RA or RAs are installed (filling the store) and the root certificate is not installed. This is incorrect behavior. Instead, the software should check to see if there is enough room in the store before installing a partial CA certificate. Partial certificates should not be installed. If the RAs and the Root certificate cannot be installed, the software should install nothing. Or just RTFM below? Martijn Key Size - man Yes scep Yes The algorithm for generating the public-key/private-key pair, and the key size. If you are requesting an SSL certificate, of if you are requesting an identity certificate using SCEP, only the RSA options are available. RSA 512 bits = Generate 512-bit keys using the RSA (Rivest, Shamir, Adelman) algorithm. This key size provides sufficient security and is the default selection. It is the most common, and requires the least processing. RSA 768 bits = Generate 768-bit keys using the RSA algorithm. This key size provides normal security. It requires approximately 2 to 4 times more processing than the 512-bit key. RSA 1024 bits = Generate 1024-bit keys using the RSA algorithm. This key size provides high security, and it requires approximately 4 to 8 times more processing than the 512-bit key. man Yes csep No DSA 512 bits = Generate 512-bit keys using DSA (Digital Signature Algorithm). DSA 768 bits = Generate 768-bit keys using the DSA algorithm. DSA 1024 bits = Generate 1024-bit keys using the DSA algorithm. -----Oorspronkelijk bericht----- Van: Reimer, Fred [mailto:[EMAIL PROTECTED] Verzonden: zaterdag 2 augustus 2003 14:49 Aan: [EMAIL PROTECTED] Onderwerp: Largest CA Keylength on VPN 3000 [7:73409] Let's see if anyone here can answer faster than Cisco TAC. What is the largest CA root key length supported by the Cisco VPN Concentrator 3000 series hardware? I have a 4096 bit key and it won't accept the root key because it can't "validate" it. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=73593&t=73409 -------------------------------------------------- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html