What is max length of SSL key we can use on LTM?

Question

Can I use an SSL Cert with a 4096 bit long key?  If not, what needs to be adjusted to make this work?  Thanks.

steve_87232 · Answer

Anyone have an update on this? Does 10.x support 4096? I can't seem to verify the answer.

hoolio · Answer

Hi Steve, 
&nbsp;  
&nbsp; Apparently for client or server SSL, you can use certs/keys larger than 2048 bits if you use software SSL decryption:  
&nbsp;  
&nbsp;   
&nbsp; From case C564817:  
&nbsp; You can specify a cipher string of "DEFAULT:!NATIVE" and the "!NATIVE" will rule out using the acceleration card and just use software.  
&nbsp; &nbsp;  
&nbsp;  
&nbsp; This is also noted in SOL10580: 
&nbsp;  
&nbsp; SOL10580: The SSL key size is limited when using hardware acceleration   
&nbsp; https://support.f5.com/kb/en-us/solutions/public/10000/500/sol10580.html 
&nbsp;  
&nbsp; If you open a case with F5 you can ask to have your request added to CR124105.  
&nbsp;  
&nbsp; Aaron

Forum Discussion

What is max length of SSL key we can use on LTM?

2 Replies

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

error code 503 redirect irule

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

OWA File Upload URIs for WAF Bypass

F5 AWAF/ASM learning only from Trusted traffic?

F5OS VLAN naming length restrictions

Related Content

SSL length key

The State Of HTTP/2 With F5 LTM

Character Length for Object Names

LTM Policy

Variable Length URI Lookup

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS