Hi Mac Champs,
Im facing hard times helping the Security Team implement SHA2 for Mac.
I have a profile to go and pull .cer from the Certificate Authority but when it goes and knocks the door, it goes with 2048bit Keylength and the request is denied. Has someone implemented SHA2 with 4096 bit length?
Thanks a lot!
Hi Paul, this is an AD certificate. Yes the key length is configured on the template according to the certificate team, but when i create a Config Profile to pull certificate from CA, the request from my Mac goes as 2048 only and it gets denied.
The cert team says the request is getting denied because the Mac is requesting with lower key length.
You can set the keysize on 10.11 and higher in the configuration profile. Not sure if JAMF supports that, but I don't use the JSS for profiles.