Update For Minimum Certificate Key Length
The advisory does describe some client related scenarios and you need to verify your scenario manually to confirm the effect on your systems. A general recommendation is to follow the suggested resolution and Increase the key size for certificate issued through certificate autoenrollment if possible. Alternatively to issue new certificates that follow the new minimum key length and can be used whenever this patch or any future similar patches are installed. /Hasain
August 14th, 2012 5:36pm

We are going to change the client certificates as we issue new ones since it seems that this update doesn't affect our certificate. Of course we are already issuing longer certs for those who apply a new cert. But now it seems that we don't have to rush everyone.n00b for life
Free Windows Admin Tool Kit Click here and download it now
September 1st, 2012 2:11am

I do not understand this new update to minimum certificate key lenght. http://support.microsoft.com/kb/2661254 Internet Explorer will not allow access to a website that is secured by using an RSA certificate that has a key length of less than 1024 bits. http://technet.microsoft.com/en-us/security/advisory/2661254 Customers that identify any certificates that utilize RSA key lengths less than 1024 bits in their environments will need to request longer certificates from their certification authority. Customers that manage their own PKI environments will need to create new longer key pairs and issue new certificates from these new keys. Customers should evaluate using a sufficient key length to match their requirements for data encryption which may exceed the minimum required by this update. We are using RSA 512B client certificates to authenticate. After applying update kb2661254 they are still working fine. This update will not affect personal certificates? n00b for life
September 1st, 2012 3:12pm

The advisory does describe some client related scenarios and you need to verify your scenario manually to confirm the effect on your systems. A general recommendation is to follow the suggested resolution and Increase the key size for certificate issued through certificate autoenrollment if possible. Alternatively to issue new certificates that follow the new minimum key length and can be used whenever this patch or any future similar patches are installed. /Hasain
Free Windows Admin Tool Kit Click here and download it now
September 1st, 2012 4:56pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics