Setting DRA's Key Length to 4096
Posted on 2008-10-23
I'm deploying a Microsoft PKI solution and need to create a DRA for EFS. By default, using the cipher \r command, it creates a DRA key of 2048 bits on either a Vista or a 2008 machine (1024 on 2003 and XP). However, I would like create them as 4096 bit in length. I have added theHKLM\Software\Microsoft\Windows NT\CurrentVersion\EFS\RSAKeyLength DWORD with a decimal value of 4096 as recommended by Microsoft document. Unfortunately, when I run the cipher \r command to create a DRA key, it is created as a 2048 bit length RSA key. I have no idea how to get around this problem.
Any help would be appreciated.