Bug 440074 - Root CA default keysize should be increased from 2048 to 4096
Root CA default keysize should be increased from 2048 to 4096
Product: Dogtag Certificate System
Classification: Community
Component: CA (Show other bugs)
All Linux
medium Severity low
: 1.0
: ---
Assigned To: Christina Fu
Chandrasekar Kannan
Depends On:
Blocks: 443788
  Show dependency treegraph
Reported: 2008-04-01 12:39 EDT by Bob Lord
Modified: 2015-01-04 18:31 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2008-08-28 15:33:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bob Lord 2008-04-01 12:39:12 EDT
Description of problem:
Default keysize for Root CAs is 2048, but should be 4096. Roots may be very long
lived and should offer the highest strength that is known to be supported by
browsers and other toolkits.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install the CA
2. Configure the initial root

You'll see that 2048 is the default.
Comment 1 Bob Lord 2008-04-03 17:18:59 EDT
Actually, let's set the default for all CAs to be 4096.

Note You need to log in before you can comment on or make changes to this bug.