Ask a Question

Advanced Search

Solution ID : SO6989

Last Modified : 05/02/2018

What bit length should I choose when generating a Certificate Signing Request (CSR)?

Problem

Generate Certificate Signing Request (CSR)

Solution

It is recommended that a Certificate Signing Request (CSR) with a 2048-bit key size be used for new enrollments and renewals.  As of October 10, 2010, Symantec migrated its public Root Certification Authorities from 1024-bit RSA keys to 2048-bit RSA keys; therefore, a 2048-bit CSR is required for all SSL certificates and Code Signing certificates that require a CSR.  
Note:  4096-bit RSA keys are also supported.

For additional information on these changes, please refer to the solution:   ALERT220