Solved

As of 1/1/14 - 1024-Bit RSA Certificateswill no longer be supported

Posted on 2013-12-12
3
300 Views
Last Modified: 2014-02-07
I have a 2003 SBS server with a self signed certificate that is 1024 RSA.  I use the server for RWW and OWA (Smart Phones).  How will I be effected?

Also, I use Internet Explorer.  How will it be effected?  

Thanks
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 39715768
I think you have much more to be worried about if you're still on SBS 2003 than just your cert.
All Microsoft support for SBS 2003 goes away in April 2014, just like for XP.

I don't think you'll have any problems OWA and RWW should continue to work.
0
 
LVL 63

Expert Comment

by:btan
ID: 39715782
Specifically on this
http://support.microsoft.com/kb/2661254

Internet Explorer will not allow access to a website that is secured by using an RSA certificate that has a key length of less than 1024 bits.

Outlook 2010 cannot connect to a Microsoft Exchange server that is using an RSA certificate that has a key length of less than 1024 bits for SSL/TLS. The following error is displayed: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate. The security certificate is not valid. The site should not be trusted."

There are resolution which is to use more than 1024 buts certificate and interim of enabling shorter keys..
0
 
LVL 63

Expert Comment

by:btan
ID: 39715785
This would be useful with more screen captures.  In order to be NIST compliant 1024 bit security should not be used after the end of 2013. This does not mean that all CAs and browsers will stop accepting 1024 bit certificates at the end of 2013. You should definitely plan on updating your applications to support 2048 bit RSA certificates or ECC certificates, but nothing is going to suddenly stop working at the end of this year.

http://blogs.technet.com/b/pki/archive/2012/06/12/rsa-keys-under-1024-bits-are-blocked.aspx
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question