Microsoft security update to block access to digital certificates that have a key length of less than 1,024 bits on 10/9/12
In a world where speed and simplicity are preferred, the size of a certificate key is nowhere to skimp. The strength of a digital certificate is primarily based on the length of the key. Microsoft issued a warning to all Windows Administrators: all digital certificates must have a key length of at least 1,024 bits. Certificates containing key lengths shorter will be automatically declined beginning October 9, 2012 as a result of an automatic security update for Windows.
Still securing apps/websites with certificates bearing key lengths less than 1,024 bits? What exactly will be affected:
- Broken web links (Internet Explorer connection to pages blocked)
- Windows Certificate authority service unable to start
- ActiveX controls could be blocked
- Users may be unable to install applications
- Outlook 2010 not able to encrypt or digitally sign emails/communicate with an Exchange server for SSL/TLS communications
- Operations Manager unable to monitor–or discover new instances of–any HP-UX PA-RISC computers *
Download the update kit here.
*Microsoft Warns Of Looming Digital Certificate Deadline
RSA keys under 1024 bits are blocked (part 1)
Blocking RSA Keys less than 1024 bits (part 2)