Add custom certificate to sign-in page fail

fobispo · February 3, 2021, 7:12pm

When trying to update my private key, certificate and certificate chain, OKTA is complaining that the certificate must be of 2048-bits in length, even though the documentation states that it can be up to 4096.

I’m using a letsencrypt-generated certificate and it’s a pain that I can’t simply update the existing certificate. This is causing users problems to users of my app who can no longer login to it.

fobispo · February 3, 2021, 7:18pm

https://developer.okta.com/docs/guides/custom-url-domain/enable-the-custom-domain/

fobispo · February 3, 2021, 7:58pm

Generating a LE certificate with 2048 bits works correctly

Fuzzard · February 4, 2021, 12:43am

okta only supports 2048 bit keys for that at the moment
this is specified under caveats at Before you begin | Okta Developer

system · April 25, 2022, 6:26pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Unable to add SSL cert for custom domain Questions	4	5438	May 14, 2020
Custom URL: Change from own TLS to LetsEncrypt? Questions	5	2937	April 29, 2022
Tls 1.3 custom okta domain? Questions	2	3349	January 24, 2022
Switch from custom TLS to Okta managed certificates Questions	1	2070	February 12, 2024
New certificate for custom domain update time Questions	2	4850	March 2, 2020

Add custom certificate to sign-in page fail

Related topics