|Applies To||Keon Certificate Authority 6.5.1|
Sun Solaris 2.8
Microsoft Windows 2000 Advanced Server
|Issue||Certificate Management Protocol (CMP) Service only allows 512-2048 keysizes in RSA Keon Certificate Authority 6.5.1|
Error: "Invalid public key size. Minimum key size if 512 bits, and maximum size is 2048 bits."
RSA Keon Certificate Authority 6.5.1 is designed to support up to 4096 bit key sizes. Some code in the Certificate Management Protocol (CMP) server still had a limit set inside to only accept keysizes up to 2048. If a CMP client connects and requests a keysize greater than 2048, the error message is generated by the CMPServer and sent to the client.
NOTE: The specific client may not be able to display this message but this is the error which may be seen on a LAN trace if the negotiation between the CMP client and the Keon CMP Server is monitored.
|Resolution||A drop-in patch is available from RSA Security Customer Support as KCA 6.5.1 hot fix build 234. This patch is cumulative and includes all official patches for KCA 6.5.1 up to build 234.|
|Legacy Article ID||a23143|