OS X Support of Certificate Key Length

[mojoxp]

I'm trying to import a self signed root certificate for our enterprise into a Lion machine's key chain and I'm getting an error message: "An error occured. Unable to import "<cert name>" Error -67762"

The certificate has a key length of 8192 bits, signature algorithm of SHA256RSA.

The subordiant certificate with a key length of 4096 bits, signature algorithm of SHA256RSA.

Is there a limitation on the certificate key length that OS X Lion supports? Is this planned to be addressed in an update, or is there a way to change this?

 

[mojoxp]

In case anyone runs into this, solution is here:
https://discussions.apple.com/thread/2668985?start=0&tstart=0

Run:

sudo defaults write /Library/Preferences/com.apple.crypto RSAMaxKeySize -int 8192

And reboot the mac, will work just fine.

 

[mojoxp]

In case anyone runs into this, solution is here:
https://discussions.apple.com/thread/2668985?start=0&tstart=0

Run:

sudo defaults write /Library/Preferences/com.apple.crypto RSAMaxKeySize -int 8192

And reboot the mac, will work just fine.

And if you're seeing this looking for how to do it on Mavericks, it's now:

sudo defaults write /Library/Preferences/com.apple.security RSAMaxKeySize -int 8192

(from: http://shizmob.tumblr.com/post/67305143330/8192-bit-rsa-keys-in-os-x )