Feature Request: Support ECDSA certificates on GS1900 series switches
When I try and import my SSL certificate on my GS1900-8 and GS-1900-24E the UI throws an error: "Upload certificate failed. Unspecified Error (0x246)"
I have censored my existing certificate (RSA-2048) which I need to replace. However, when I try and upload my new certificate (EC-256) from my CA the switch returns an error.
I can upload the old certificate just fine .. the new one just doesn't work.
How can I get the certificate to install properly?
All Replies
-
Attached please find a tar.gz file containing 2 example certficiates which I would expect to work but both of which do not load properly and generate the above error.
There is also a README file which explains how the certificates were generated.
The README is also optionally executable in a shell if you'd like to generate your own certificates.
Just run it with something similar to:
$ bash test-gs1900-certs/README0 -
Hi @coderjoe
The GS1900 series currently supports RSA algorithm certificates but does not support ECDSA algorithm certificates like the one you're trying to upload. To resolve this, you'll need to generate a new certificate using the RSA algorithm instead of ECDSA. Once you have a certificate generated with RSA, you should be able to upload it successfully.
Kay
0 -
That is a shame, but thank you very much for your advice.
For now I am able to revert back to RSA keys, but if I'm required to follow the certificate guidelines of the software suite and internal CA I'm integrating with, and if they choose to adopt ECDSA certs as a standard I may be out of luck.
Is it possible to get ECDSA certificate support as a future feature?0 -
I've updated the title to reflect that I would like to request this feature. Thank you for your consideration. :)
0 -
I didn't realize my comment had been moved out of Switch Ideas and into Switch.
Should I re-submit my feature request there?
Edit: Or maybe I'm misremembering and never posted there. Either way I'm happy to resubmit if that is the correct process.0 -
Hi @coderjoe ,
Initially, we determined that the content of your post was more geared towards seeking assistance. Hence, we relocated it from Switch Ideas to Switch to ensure it is in a more appropriate discussion space.
Regarding your feature request concerning the support for ECDSA certificates on GS1900 series switches, I fully agree with your suggestion. Therefore, I have resubmitted it in the ideas section for further consideration.
If anyone supports this idea, please don't hesitate to leave a comment or vote. Your input, in the form of comments and votes, will play a crucial role in our evaluation process.
Kay
0 -
I agree, my original post wasn't worded correctly to serve as a suggestion. Thank you for re-posting for me Kay! :)
1
Zyxel Employee
Categories
- All Categories
- 396 Beta Program
- 2.1K Nebula
- 117 Nebula Ideas
- 81 Nebula Status and Incidents
- 5.1K Security
- 86 USG FLEX H Series
- 247 Security Ideas
- 1.3K Switch
- 69 Switch Ideas
- 916 WirelessLAN
- 34 WLAN Ideas
- 5.9K Consumer Product
- 211 Service & License
- 337 News and Release
- 71 Security Advisories
- 21 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2K FAQ
- 912 Nebula FAQ
- 419 Security FAQ
- 237 Switch FAQ
- 207 WirelessLAN FAQ
- 46 Consumer Product FAQ
- 139 Service & License FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 72 About Community
- 62 Security Highlight
