12-21
VPN 3002 Hardware Client Reference
OL-1893-01
Chapter 12 Administration
Certificate Management
Verify Challenge Password - No Yes Re-enter the challenge password.
Key Size - Yes Yes The algorithm for generating the public-key/private-key pair, and
the key size. If you are requesting an SSL certificate, of if you are
requesting an identity certificate using SCEP, only the RSA
options are available.
• RSA 512 bits = Generate 512-bit keys using the RSA (Rivest,
Shamir, Adelman) algorithm. This key size provides
sufficient security and is the default selection. It is the most
common, and requires the least processing.
• RSA 768 bits = Generate 768-bit keys using the RSA
algorithm. This key size provides normal security. It requires
approximately 2 to 4 times more processing than the 512-bit
key.
• RSA 1024 bits = Generate 1024-bit keys using the RSA
algorithm. This key size provides high security, and it
requires approximately 4 to 8 times more processing than the
512-bit key.
Yes No
• DSA 512 bits = Generate 512-bit keys using DSA (Digital
Signature Algorithm).
• DSA 768 bits = Generate 768-bit keys using the DSA
algorithm.
• DSA 1024 bits = Generate 1024-bit keys using the DSA
algorithm.
Table 12-1 Fields in a Certificate Request