The ADDM appliance doesn't give you a choice and BMC can't answer that question.
I generated my own on the command line, replaced their key and got a cert from versign and did it that way. Kind of a work around, but it seems to work. Not sure if it's supported. Anne Ramey *********************************** E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties only by an authorized State Official. From: Action Request System discussion list(ARSList) [mailto:[email protected]] On Behalf Of patrick zandi Sent: Thursday, October 07, 2010 1:43 PM To: [email protected] Subject: Re: ADDM question ** At what level did you create the key? 512? 1024? 2048? initially On Thu, Oct 7, 2010 at 1:37 PM, Ramey, Anne <[email protected]<mailto:[email protected]>> wrote: ** I've posted on the tideway forum as well, but I wanted to see if anyone here might be using ADDM and have seen this same issue. We have been looking for a solution to this one for several days and haven't found one. When we use the https option under Administration to generate a csr, when we upload it to Verisign to get a cert, we get an error: Error 600d - Weak key The submitted CSR contains a weak key. For all non-Extended Validation certificates, a minimum 768-bit key is required. 1024-bit or greater is strongly recommended. For 1-year Extended Validation certificates requested by December 31, 2009, a minimum 1024-bit key is required. A 2048-bit or stronger key is strongly recommended. After December 31, 2009, a 2048-bit or stronger key is required for all EV certificates. For 2-year Extended Validation certificates, a minimum 2048-bit key is required. I changed the default bits in /usr/tideway/etc/https/openssl.conf from 1024 to 2048 and it didn't help (I restarted httpd and the application after doing that). [ req ] default_bits = 2048 We've changed ssl.conf from SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW to SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:!MEDIUM:!LOW and then restarted the appliance after doing this. No dice. Anyone know how to fix this? Or what command ADDM runs when it generates this csr? Anne Ramey *********************************** E-mail correspondence to and from this address may be subject to the North Carolina Public Records Law and may be disclosed to third parties only by an authorized State Official. _attend WWRUG10 www.wwrug.com<http://www.wwrug.com> ARSlist: "Where the Answers Are"_ -- Patrick Zandi _attend WWRUG10 www.wwrug.com ARSlist: "Where the Answers Are"_ _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org attend wwrug10 www.wwrug.com ARSlist: "Where the Answers Are"
