skip to main text

Algorithms and Formats for Registerable Keys and Certificates

Item

Description

RSA signature algorithm

SHA-256

RSA public key algorithm (key length)

RSA (2048 bits)

DSA signature algorithm

Not supported

DSA public key algorithm (key length)

Not supported

ECDSA signature algorithm

SHA-256

ECDSA public key algorithm (key length)

ECDSA (secp256r1/secp384r1/secp521r1)

Certificate formats

PKCS#12 format

X.509 DER format

(Key pair used with EAP-TLS is PKCS#12 only, CA certificate is X.509 DER format only)

Extensions

PKCS#12 format: p12/pfx

X.509 DER format: cer/der

Registerable number of items

Keys/certificates: 2 (server certificate for TLS, client certificate for IEEE802.1X)

CA certificate: 5 (for IEEE802.1X)

Certificate file size limits

  • Server certificate for TLS: 4 KB/certificate

    (However, for the models below, certificate: 1.5 KB and private key: 2.5 KB totalling 4 KB)

  • Client certificate for IEEE802.1X: 4 KB/certificate

    (However, for the models below, 2 KB/certificate)

  • CA certificate: (for IEEE802.1X): 4 KB/certificate

    (However, for the models below, 2 KB/certificate)