How to Upgrade the SSL Certificate From 1024-bit to 2048-bit
It’s now the best time to step up security because, well, it’s required now. The specific dates of these mandates for new certificates and renewals will vary depending on the brand and type of certificate. For some, there is nothing that needs to be done for those currently installed certificates, however, when those certificates expire users will need to renew by generating a Certificate Signing Request of at least 2048-bits. If you have a SSL Certificate that does not expire until after December 31, 2013, you will need to go into your certificate management console to revoke and replace your certificate with a new 2048-bit certificate before December 31, 2013.
The CA/Browser Forum is behind this requirement that all Certificate Authorities cease supporting 1024-bit key length certificates for code signing and SSL certificates by the end of 2013. This change has been prompted to comply with industry best practices in order to provide the highest level of security. This is also in compliance with NIST Special Publication 800-131A. SHA-1 and 2048-bit keys will also start being required by browser vendors.
Step-by-step Instructions to Upgrade the SSL Certificate From 1024-bit to 2048-bit:
-
- Do you have 1024-bit certificates?
Use the SSL Certificate Checker (powered by Symantec) to check the key length on your current SSL certificates.
-
- Can your server handle a 2048-bit certificate?
Longer key lengths require more server power and not all systems can handle a 2048-bit SSL certificate (if you’re already running 2048 certificates, move on to step 3).
-
- Generate your CSR
Apache SSL Instructions
Microsoft IIS 6.0 Instructions
Microsoft IIS 7.0 Instructions
-
- Go to the User Portal, login, and renew or re-issue your certificate.
Renew – certificates that expire December 31, 2013 and earlier with a 2048-bit key
Reissue – All 1024-bit certificates that expire after January 1, 2014
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown