In a recent blog entry I described how you can use 3rd party certificates within your Check Point gateway.
Now I was informed by Brian that some commercial CA don’t sign any longer if the key size is only 1024 bit, you need at least 2048 bit.
How can we change the behaviour of the Check Point while issuing the CSR?
Just go to Global Properties -> SmartDashboard Customination -> Configure -> Certificates and PKI properties
.
There we have an option the define the key size for the certificates. Available values are 1024, 2048 and 4096 bit.
Change this value according to your need and the requirements of the CA you chose for signing.
Starting with R71 they standard key size 2048.
Post a Comment