000024407 - Is there a way to enforce passphrase to certificates requested by user with RCM ?

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000024407
Applies ToRSA Certificate Manager 6.7
Microsoft Windows 2003 Server SP1
Microsoft Internet Explorer
IssueIs there a way to enforce passphrase to certificates requested by user with RCM ?
Resolution

Currently the only way to force users to selected a passphrase is through the registry.

Here are steps:

***
Go to start\settings\control panel\administrative tools\local security policy\ security options
Select in "system cryptography" user must enter a password each time they use key
***

With the enrollment page, we can have the security option come up for the user, but the default option presented is "Medium" which is no passphrase. They would need to select "High".

See solution  How to set default for KCA enrollment to protect private key for more details

NotesBZ 53454
Legacy Article IDa34664

Attachments

    Outcomes