SSL/TLS Certificate RSA Keys Less Than 2048 bits
Low Web Application Scanning Plugin ID 112540
SynopsisSSL/TLS Certificate RSA Keys Less Than 2048 bits
DescriptionThe remote server certificate has a key that is shorter than 2048 bits. According to industry standards set by the Certification Authority/Browser (CA/B) Forum, certificates issued after January 1, 2014 must be at least 2048 bits.
Some browser SSL implementations may reject keys less than 2048 bits after January 1, 2014. Additionally, some SSL certificate vendors may revoke certificates less than 2048 bits before January 1, 2014.
SolutionReplace the certificate with the RSA key less than 2048 bits in length with a longer key, and reissue any certificates signed by the old certificate.