Reading Time: 2 minutes
SSL1024 bit SSL certificates are about to be obsolete.After January 1, 2014 the 1024 bit SSL Certificate will join floppy disks and gopher servers in the grave yard of forgotten technologies. A new standard set by the Certification Authority/Browser (CA/B) Forum required that SSL certificates issued after January 1, 2014 must have a key length of at least 2048-bit.
What do you mean by “key length”?An SSL Certificate includes a value that is used to encrypt message for secure communication. The value is represented by a combination of 1s or 0s, each digit is called a bit in computer speak.Why is Key Length Important?The more bits in the key the more possible values can be represented. The key needs to be large enough so that it cannot be discovered with a brute force attack. In a brute force attack, you simply try every possible combination until you come across the correct one.What’s the problem with 1024 bits?

With 1024 bit key I can represent a lot of values, would seem to be plenty. You have to use scientific notation for the number, 2^1024=1.797693134862315907729305190789e+308.

If you haven’t used scientific notation lately, you have to move the decimal place 308 places to the right inserting zeroes when you reach the “e”. That is a really big number! Unfortunately, with the steady growth of computing power, it will soon be not enough. Before that happens, it is important that internet security moves to the stronger 2048 bit.

How Do I Know if My Certs are 2048-bit?
Just go to the following page and you can generate a discovery report to see if their certs are 2048, and it’s free!

Action Required: What do I need to do?

If you own any 1024-bit certificates expiring this year, you must renew them by generating a 2048-bit or higher CSR.  If you have certificates expiring in 2014 or later you need to replace and upgrade all 1024-bit certificates with 2048-bit.  The deadline was October 1st, so if you have not done so you are past due!