Skip to Content
avatar image
Former Member

How to change CSR key size?

Hi,

I want to generate a CSR for my server.  I have used STRUST to do this. When I sent generated CSR to One of the CA providers, Its giving me the below error:

  • Your CSR contains a key size that is no longer considered secure. Security best practices require a minimum key size of 2048 bits. Please submit a new CSR with a minimum 2048 bit key size.

Can somebody tell me how to change the key size?

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

2 Answers

  • Best Answer
    Jan 05, 2015 at 09:44 PM

    Hi,

    yep, 1024 bits these days is not enough. You should be able to change it to higher number with parameter sec/rsakeylengthdefault. By default it's 1024 which I think it should be increased by SAP.

    Cheers

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Martin,

      Thanks for the reply. I have changed the value to 2048, But according to new value when I try to create a new PSE i don't see option of choosing RSA key, SO bydefault it is creating with DSA which maximum key size is 1024.

      1.jpg (51.7 kB)
  • avatar image
    Former Member
    Jan 06, 2015 at 11:50 AM

    My issue is resolved, Thanks.

    Add comment
    10|10000 characters needed characters exceeded