Subscribing is a smart move!
You can subscribe to this forum after you log in or create your free account.
Certificate Signing Requests and SSL Key Size
Geo SCADA Knowledge Base
Access vast amounts of technical know-how and pro tips from our community of Geo SCADA experts.
Invite a Co-worker
Send a co-worker an invite to the Exchange portal.Just enter their email address and we?ll connect them to register. After joining, they will belong to the same company.
Send Invite Cancel
📖 Home Back
ClearSCADA provides a SSL Key (ClearSCADA.key) to generate Certificate Signing Requests to a third party Certificate Authority.
The default key size is 512bits, however some authorities require different key sizes (for example, 1024, 2048 bits).
ClearSCADA provides a way to modify the default key size, as follows:
(Note: to see the size of the current key, follow the procedure at the bottom of this article)
Now a new CSR can be generated using the new key size.
NOTE:
Some previous variants of this procedure neglected the step of deleting the .CER file. In most cases, the procedure works without deleting the .CER file, however in some cases it does not. If you have only deleted the .KEY file, when generating a new Certificate Signing Request, the following error may occur:
SCR Error.jpg
In this case, repeat the above procedure but be sure to delete both the .KEY and .CER files.
To see the current certificate key size open Windows Explorer and navigate to the ClearSCADA folder. Right-click on the ClearSCADA Security Certificate file, select Open, click on the 'Details' tab and look at the 'Public key' field.
2.png
Go: Home Back
ClearSCADA provides a SSL Key (ClearSCADA.key) to generate Certificate Signing Requests to a third party Certificate Authority.
The default key size is 512bits, however some authorities require different key sizes (for example, 1024, 2048 bits).
ClearSCADA provides a way to modify the default key size, as follows:
(Note: to see the size of the current key, follow the procedure at the bottom of this article)
- On all servers, using the server configuration tool, add or modify the registry key "DB\WebSSLKeySize" [DWORD] to control the size of new keys. Set the required value.
- Shutdown ClearSCADA server
- Delete the ClearSCADA.key and the ClearSCADA.cer files (should be in the ClearSCADA Data base directory (where the Database and Log folders are))
- Restart ClearSCADA server
Now a new CSR can be generated using the new key size.
NOTE:
Some previous variants of this procedure neglected the step of deleting the .CER file. In most cases, the procedure works without deleting the .CER file, however in some cases it does not. If you have only deleted the .KEY file, when generating a new Certificate Signing Request, the following error may occur:
SCR Error.jpg
In this case, repeat the above procedure but be sure to delete both the .KEY and .CER files.
To see the current certificate key size open Windows Explorer and navigate to the ClearSCADA folder. Right-click on the ClearSCADA Security Certificate file, select Open, click on the 'Details' tab and look at the 'Public key' field.
2.png
Go: Home Back
Author
Create your free account or log in to subscribe to the forum - and gain access to more than 10,000+ support articles along with insights from experts and peers.