G
GLMN1
Guest
Hello.
I am running Windows Server 2019 Standard, Build 1809 (OS build 17763.1790) that is fully patched as of March 3, 2021. It is a VM.
I just added "Active Directory Certificate Services / Certification Authority" role. (I have previously added "Active Directory Domain Services" role.)
During the post-install configuration, I specified that I wanted to generate a 4096-bit length RSA key for the Root CA certificate.
Everything looked good.... However, when I actually look at the Root CA certificate that was generated, it contains a 2048-bit public key!
I rolled back the VM thinking that I accidently chose 2048-bit by mistake. I did the whole process again - making sure that I absolutely selected 4096-bit. And again, the Root CA certificate that was generated contained a 2048-bit public key.
Is this a bug? If not, can someone explain how I can actually generate a 4096-bit key?
Edit: I should also note that I selected SHA512 for the hashing algorithm instead of the default SHA256.
Continue reading...
I am running Windows Server 2019 Standard, Build 1809 (OS build 17763.1790) that is fully patched as of March 3, 2021. It is a VM.
I just added "Active Directory Certificate Services / Certification Authority" role. (I have previously added "Active Directory Domain Services" role.)
During the post-install configuration, I specified that I wanted to generate a 4096-bit length RSA key for the Root CA certificate.
Everything looked good.... However, when I actually look at the Root CA certificate that was generated, it contains a 2048-bit public key!
I rolled back the VM thinking that I accidently chose 2048-bit by mistake. I did the whole process again - making sure that I absolutely selected 4096-bit. And again, the Root CA certificate that was generated contained a 2048-bit public key.
Is this a bug? If not, can someone explain how I can actually generate a 4096-bit key?
Edit: I should also note that I selected SHA512 for the hashing algorithm instead of the default SHA256.
Continue reading...