DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
5510 csr key length too short - must be 2048 not 1024
- craig@ccilegal.co.uk
- Topic Author
- Offline
- New Member
Less
More
- Posts: 1
- Thank you received: 0
07 Dec 2010 07:22 #65176
by craig@ccilegal.co.uk
5510 csr key length too short - must be 2048 not 1024 was created by craig@ccilegal.co.uk
The 5510 cannot support key lengths longer than 1024 which means as of November 2010 no-one can get a trusted certificate as the minimum length is 2048.
All certificate authorities now require 2048 or longer.
This is critical for me, I can't use a self signed certificate, it has to from a certificate authority.
Will this be in the new firmware or do I have bin all my draytek UTM devices.
All certificate authorities now require 2048 or longer.
This is critical for me, I can't use a self signed certificate, it has to from a certificate authority.
Will this be in the new firmware or do I have bin all my draytek UTM devices.
Please Log in or Create an account to join the conversation.
- raidvii
- Offline
- New Member
Less
More
- Posts: 4
- Thank you received: 0
04 Oct 2011 12:27 #69589
by raidvii
Replied by raidvii on topic Re: 5510 csr key length too short - must be 2048 not 1024
I concur,
We are attempting to have a "Production" SSL VPN / APP firewall available for our client. 1024bit is the maxium. What I can't understand is there is an option to change it but it is "Greyed" out.
1024bit has been superseeded for quite some time now, yet new models of firewall are still restricted.
Don't know about you but I am struggling to find an SSL Certificate vendor that even distributes 1024bit Certs.
From a security audit, point of view If my client were audited, the finger would be heavily pointed that these devices cannot secure at an industry standard, At the "FIREWALL" !!! level ??
This should be the highest priority.
Have you found any vendor that still supplies 1024bit security keys?
We are attempting to have a "Production" SSL VPN / APP firewall available for our client. 1024bit is the maxium. What I can't understand is there is an option to change it but it is "Greyed" out.
1024bit has been superseeded for quite some time now, yet new models of firewall are still restricted.
Don't know about you but I am struggling to find an SSL Certificate vendor that even distributes 1024bit Certs.
From a security audit, point of view If my client were audited, the finger would be heavily pointed that these devices cannot secure at an industry standard, At the "FIREWALL" !!! level ??
This should be the highest priority.
Have you found any vendor that still supplies 1024bit security keys?
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek