OS X Support of Certificate Key Length

Discussion in 'macOS' started by mojoxp, Jun 15, 2012.

  1. mojoxp macrumors member

    Joined:
    May 18, 2006
    #1
    I'm trying to import a self signed root certificate for our enterprise into a Lion machine's key chain and I'm getting an error message: "An error occured. Unable to import "<cert name>" Error -67762"

    The certificate has a key length of 8192 bits, signature algorithm of SHA256RSA.

    The subordiant certificate with a key length of 4096 bits, signature algorithm of SHA256RSA.

    Is there a limitation on the certificate key length that OS X Lion supports? Is this planned to be addressed in an update, or is there a way to change this?
     
  2. mojoxp thread starter macrumors member

    Joined:
    May 18, 2006
    #2
  3. mojoxp thread starter macrumors member

    Joined:
    May 18, 2006
    #3
    And if you're seeing this looking for how to do it on Mavericks, it's now:
    Code:
    sudo defaults write /Library/Preferences/com.apple.security RSAMaxKeySize -int 8192
    (from: http://shizmob.tumblr.com/post/67305143330/8192-bit-rsa-keys-in-os-x )
     

Share This Page