Forum Discussion
Coredump66_1745
Nimbostratus
NimbostratusSSL Certificate Renewal
Does anyone know if down time is required when renewing the SSL Certificate on the LTM?
Michael_YatesNimbostratus
NimbostratusI think that they are working on 1024. We got a notification from our CA in Jan 2010 stating that the 768 bit RSA encryption has been compromised.
This is an portion of the Notification:
You may have read recently in the news that 768 bit RSA encryption has now been compromised. While the operation took an immense amount of computing power and several terabytes of data, most industry experts agree that it is only a matter of time before 1024 bit RSA encryption is compromised. Some guess that it will take several years but others think the crack may come within a few.
Microsoft and other browsers are starting to implement restrictions on key sizes so that 1024 bit RSA encryption is phased out before this compromise happens. Certificate Authorities must comply to this policy in order to continue to be embedded into the browsers.
The default key size on v9.4.x is 1024 I believe. I'd recommend the same thing that Hamish did....generate manually and up your encryption to 2048.
