• 1 reply
  • Latest Post - ‏2014-04-23T16:22:28Z by wasero
5 Posts

Pinned topic IHS and GSKit compatibility

‏2013-03-05T03:19:08Z |
hello everyone,

we are to upgrade our ssl certificates from 1024 to 2048 bit. as far as i know, only IHS with GSKit versions 7.0.x and higher contain ikeyman which are capable of generating 2048 bit certificates. The IHS version we currently have right now is 1.3.26. My question is... is it possible to just update the GSKit version to be able to generate 2048 certs? and leave the IHS version as it is....or is it more advisable to upgrade IHS to 6.1, the recommended version to handle 2048 bit certs? our IHS connects to WAS5.1 by the way

thanks and i would appreciate any help or advise.
  • wasero
    9 Posts

    Re: IHS and GSKit compatibility


    This is how i solved that same issue. Create the 2048 cert request with a new key using ikeyman on a server that supports 2048 (IHS/WASv8), accept the certificate in the new 2048 compatible key file, once you have accepted the 2048 cert, export the cert and root ca to the other key that does not support 2048 - remember: you cant use the key that does not give you the option of 2048 because 1) it did not create it and 2) doesn't have 2048 support.

    My understanding is that Older versions of gskit (ikeyman) for lack of a better description may not be able to create 2048 certs only 1024, but they can manage them.