What is max length of SSL key we can use on LTM?

Question

Can I use an SSL Cert with a 4096 bit long key?  If not, what needs to be adjusted to make this work?  Thanks.

steve_87232 · Answer

Anyone have an update on this? Does 10.x support 4096? I can't seem to verify the answer.

hoolio · Answer

Hi Steve, 
&nbsp;  
&nbsp; Apparently for client or server SSL, you can use certs/keys larger than 2048 bits if you use software SSL decryption:  
&nbsp;  
&nbsp;   
&nbsp; From case C564817:  
&nbsp; You can specify a cipher string of "DEFAULT:!NATIVE" and the "!NATIVE" will rule out using the acceleration card and just use software.  
&nbsp; &nbsp;  
&nbsp;  
&nbsp; This is also noted in SOL10580: 
&nbsp;  
&nbsp; SOL10580: The SSL key size is limited when using hardware acceleration   
&nbsp; https://support.f5.com/kb/en-us/solutions/public/10000/500/sol10580.html 
&nbsp;  
&nbsp; If you open a case with F5 you can ask to have your request added to CR124105.  
&nbsp;  
&nbsp; Aaron

Forum Discussion

What is max length of SSL key we can use on LTM?

Recent Discussions

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

Related Content

SSL length key

Variable Length URI Lookup

Invalid Content-Length header caused Big-IP to terminate connection?

iControl REST Cookbook - LTM policy (ltm policy)

Load Balancing Omnissa Unified Access Gateway with BIG-IP LTM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS