Solved

As of 1/1/14 - 1024-Bit RSA Certificateswill no longer be supported

Posted on 2013-12-12
3
303 Views
Last Modified: 2014-02-07
I have a 2003 SBS server with a self signed certificate that is 1024 RSA.  I use the server for RWW and OWA (Smart Phones).  How will I be effected?

Also, I use Internet Explorer.  How will it be effected?  

Thanks
0
Comment
Question by:howmad2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 39715768
I think you have much more to be worried about if you're still on SBS 2003 than just your cert.
All Microsoft support for SBS 2003 goes away in April 2014, just like for XP.

I don't think you'll have any problems OWA and RWW should continue to work.
0
 
LVL 64

Expert Comment

by:btan
ID: 39715782
Specifically on this
http://support.microsoft.com/kb/2661254

Internet Explorer will not allow access to a website that is secured by using an RSA certificate that has a key length of less than 1024 bits.

Outlook 2010 cannot connect to a Microsoft Exchange server that is using an RSA certificate that has a key length of less than 1024 bits for SSL/TLS. The following error is displayed: "Information you exchange with this site cannot be viewed or changed by others. However, there is a problem with the site's security certificate. The security certificate is not valid. The site should not be trusted."

There are resolution which is to use more than 1024 buts certificate and interim of enabling shorter keys..
0
 
LVL 64

Expert Comment

by:btan
ID: 39715785
This would be useful with more screen captures.  In order to be NIST compliant 1024 bit security should not be used after the end of 2013. This does not mean that all CAs and browsers will stop accepting 1024 bit certificates at the end of 2013. You should definitely plan on updating your applications to support 2048 bit RSA certificates or ECC certificates, but nothing is going to suddenly stop working at the end of this year.

http://blogs.technet.com/b/pki/archive/2012/06/12/rsa-keys-under-1024-bits-are-blocked.aspx
0

Featured Post

Increase Agility with Enabled Toolchains

Connect your existing build, deployment, management, monitoring, and collaboration platforms. From Puppet to Chef, HipChat to Slack, ServiceNow to JIRA, Splunk to New Relic and beyond, hand off data between systems to engage the right people.

Connect with xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

By default, Carbonite Server Backup manages your encryption key for you using Advanced Encryption Standard (AES) 128-bit encryption. If you choose to manage your private encryption key, your backups will be encrypted using AES 256-bit encryption.
As a financial services provider, your business is impacted by two of the strictest federal regulations on record: the Sarbanes-Oxley Act and the Gramm-Leach-Bliley Act. Correctly implementing faxing into your organization to provide secure, real-ti…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question