Wowza Community

how to create a ssl certificate in 2048 bit key lenth

i am trying to siubmitt a csr to a auth .but i am getting a error. saying that the key must be 2048 bit key lenth take a look----|

Topic:Why does my CSR need to be 2048 bit length?

Computer power has lessened the time it takes to break the algorithms used by today’s secure certificate private keys. It is estimated that the computer power required to break 1024-bit length secure certificate private keys will exist by 2011.

To avoid putting the Internet and e-commerce users at risk, the Certificate Authority Browser Forum has published new requirements for secure certificates. We are a member of this organization and are supporting this change by requiring 2048-bit length for all new and renewing SSLs.

The following are the requirements established by the Certificate Authority Browser Forum for Extended Validation Certificates:

•A minimum of 2048-bit RSA keys for root and subordinate CAs.

•A minimum of 2048-bit keys for entity certificates (the secure certificates issued to our customers) that expire after December 31st, 2010.

Microsoft®, for example, is a member of the Certificate Authority Browser Forum and supports these requirements for all certificates by incorporating the following requirements into their programs:

•All new root certificates must have a minimum of 2048-bit RSA keys.

•1024-bit roots will be removed from the Microsoft Root Certificate Program by December 31st, 2010.

•All end entity certificates issued after December 31st, 2010 must have a minimum of 2048-bit RSA keys.

any help on this

Referring to this post:

I have not tried this but it seems like you are easily generate a request for a 2048 key using the command:

Create key store:

keytool -genkey -alias wowza -keysize 2048 -keyalg RSA -keystore

Create CSR:

keytool -certreq -file -alias wowza -keysize 2048 -keyalg RSA -keystore

I have not tried the result with Wowza but I think it should all just work.


yes that work thank you