cancel
Showing results for 
Search instead for 
Did you mean: 

SSL certificate RSA key is less than 2048 - Pen test

MWSS
New Contributor

Hello, in a recent pen test the following was discovered for the Ruckus Unleashed master AP

SSL Certificate Chain Contains RSA Keys Less Than 2048 bits

"At least one of the X.509 certificates sent by the remote host has a
key that is shorter than 2048 bits. According to industry standards
set by the Certification Authority/Browser (CA/B) Forum, certificates
issued after January 1, 2014 must be at least 2048 bits.

I can see in the unleashed console that under the Administration > Certificate options I can change this option:
Re-generate private key of a specific key length to 2048.

The ruckus is using a self signed cert.  If I click the option for 2048 and regenerate, will this update the self signed cert and cause no other impact but restarted the APs?

 

thanks

 

 

 

1 ACCEPTED SOLUTION

sanjay_kumar
RUCKUS Team Member

Hi @MWSS 

The option to regenerate private key under   Administration > Certificate >> Advanced >> Re-Generate Private Key of a Specific Key Length: 2048

Should solve your issue. It will re-generate a new cert of the master AP which has RSA key length to 2048.

View solution in original post

9 REPLIES 9

MWSS
New Contributor

Just checking you can confirm this Sanjay

sanjay_kumar
RUCKUS Team Member

Hi @MWSS 
I'm checking on this.

sanjay_kumar
RUCKUS Team Member

Hi @MWSS 

The option to regenerate private key under   Administration > Certificate >> Advanced >> Re-Generate Private Key of a Specific Key Length: 2048

Should solve your issue. It will re-generate a new cert of the master AP which has RSA key length to 2048.

thank you, this causes no impact apart from a reboot I presume?

sanjay_kumar
RUCKUS Team Member

Hi @MWSS 
Yes that is correct.