Skip to main content
Waters Employee Login
 
Waters

Does NuGenesis require a specific cryptographic service provider or key length for HTTP-SSL certificates? - WKB28945

  1. Last updated
  2. Save as PDF
Article number: 28945

ENVIRONMENT

  • NuGenesis 9 SDMS
    • Windows Server 2016 and 2019
  • NuGenesis 8 SDMS
    • Windows Server 2012 and 2016

ANSWER

No, NuGenesis does not impose any constraints on the HTTP-SSL certificates used in the SDMS web servers. NuGenesis does not validate the certificates.  The certificate issuer may require a specific CSP or key length in the certificate, and those requirements should be communicated by the issuer. Waters recommends a key length of at least 2048 bits to future-proof the certificates, but that is a recommendation not a requirement.

Microsoft Internet Information Services (IIS) in Windows supports the CSPs and key lengths as listed in the Certificate Request wizard. It supports two CSPs and several key lengths up to at least 4096 bits.

Internet Explorer 11 (the required web browser for NuGenesis WebVision) supports all certificates as supported by Microsoft IIS.

The certificate key usage should allow it to be used for Server Authentication. The purpose of the certificate is to authenticate the server to the web clients.  Extended Key Usages are not required.

ADDITIONAL INFORMATION

 

id28945, SDMS, SDMS8, SDMS8NU, SUPISDMS, SUPNG

Not able to find a solution? Click here to request help.