JOIN OUR AFFILIATE NETWORK

Join our affiliate network and become a local SSL expert

♦ learn more about our program ♦
Menu
picture of tbs certificates
picture of tbs certificates
 
Certificates
Our products range
Partners
Support
Focus


Key length: 512, 1024 or 2048

Since January 1st, 2011 all certificates must be generated with a 2048 bit (or more) public key.

The use of 512-bit key is forbidden. Factoring RSA is doable for this length (512-bit has been factorized in August 1999, current record=768-bit). 1024-bit keys will soon be vulnerable and we will then have to stop using them.

The ANSSI (former DCSSI) made it mandatory to use 1536-bit (or higher size) keys since January 1st, 2009 and to use 2048-bit keys since January 1st, 2011.

The NIST recommands not to trust keys less than 2048-bit long since January 1st, 2011.

See the keylength website.

WARNING: you have to think about the consequences of the 2048-bit upgrade on your CPU consumption. The upgrade on already loaded equipment is sensitive.

See also:

Find out more about obtaining a server certificate and creating a certificate request : CRS click here