• Register

Minimum csr size is 2048 problems

0 votes

I'm trying to order a certificate from SSL.com and I'm getting an "CSR contains a key size that is less than 2048 bits" error. What does this mean and how do I fix it?

asked Jan 21, 2013 in SSL Certificates by anonymous

1 Answer

0 votes

found this on bing:


Computer power has lessened the time it takes to break the algorithms used by today's secure certificate private keys.

To avoid putting the Internet and e-commerce users at risk, the Certificate Authority Browser Forum has published new requirements for secure certificates. We are a member of this organization and are supporting this change by requiring 2048-bit length for all new and renewing SSLs.

The following are the requirements established by the Certificate Authority Browser Forum for Extended Validation Certificates:

  • A minimum of 2048-bit RSA keys for root and subordinate CAs.
  • A minimum of 2048-bit keys for entity certificates (the secure certificates issued to our customers) that expire after December 31st, 2010.

Microsoft®, for example, is a member of the Certificate Authority Browser Forum and supports these requirements for all certificates by incorporating the following requirements into their programs:

  • All new root certificates must have a minimum of 2048-bit RSA keys.
  • 1024-bit roots will be removed from the Microsoft Root Certificate Program by December 13th, 2013.
  • All end entity certificates issued after December 31st, 2010 must have a minimum of 2048-bit RSA keys.
answered Jan 21, 2013 by codybanks (340 points)
reshown Dec 13, 2013 by administrator

Related questions

+1 vote
1 answer 869 views
0 votes
0 answers 295 views
0 votes
1 answer 554 views