Friday, December 6, 2013

Time to Upgrade: Convert 1024 Bit SSL to 2048 Bit SSL for a Cyber-Safe New Year

2014 is just around the corner, so it’s about time to say Adios to 1024-bit SSL certificates. NIST (National Institute of Standards & Technology) along with Certificate Authority/ Browser Forum (CA/BF), are all set to define a new standard for SSL certificates which would be effective as of Jan 1 2014. According to this new rule, all the SSL certificates issued after January 1 2014 MUST have minimum bit strength of 2048-bit.

As we all know, the key length of an SSL certificate indicates its encryption strength – shorter keys are more prone to a cyber-attack. A cyber thug armed with most advanced computers and a compromised private key drawn from a short public key, would easily be able to decrypt all the SSL-secured connections, even from the past!

This up-gradation was a result of many such cases of compromised internet security caused by shorter key strength SSL certificates. However, a higher key strength certificate doesn’t guarantee 100% security. But it sure does help in minimizing the attacks, because the computational power required to process 2048-bit certificates is five to thirty times greater than that required for 1024-bit certificates. 

To improve their data security, many companies across the world switched to the new length certificates months ago when the rule was announced.  It is THE wise step to take, as no e-merchant who is serious about his business would want such message to be displayed on the site when the customers log in. Please have a look:

If you are an e-merchant, please follow these steps to spare your website from displaying such message.

  1. First of all, check if your certificate is less than 2048-bit key length. You can do that by clicking here Check your SSL
    You are good to go if your certificate’s strength is 2048-bit or above, but if it’s not, you have to fix that.
  2. Next step would be to find out if your server is compatible enough to handle a 2048-bit SSL certificate.
  3. You need to generate CSR to proceed further.  Please follow this link which would guide you with CSR generation steps for each server: Click Here
  4. Final step would be to
    Renew the certificates that expire before Dec 31 2013 with a 2048-bit SSL certificate.
    Reissue the 1024-bit certificates that expire after Dec 31 2013 by ordering 2048-bit SSL certificate instead.
This New Year, shield your business with a protective layer of a stronger SSL certificate for better protection against all the cyber thieves! 


Post a Comment

Twitter Delicious Facebook Digg Stumbleupon Favorites More