Switch your certificate to 2048 bit before Dec. 31st 2013
Industry standards call for the deprecation of 1024 bit certificates to maintain the highest levels of protection now and long into the future.
The deadline to upgrade your 1024 bit SSL certificate is fast approaching. Certificate issuance standards set by the Certificate Authority/Browser Forum (CA/B) and the National Institute of Standards (NIST) require all certificates issued after 1st January 2014 to be of at least 2048 bit key length. The transition to higher strength 2048 bit signatures is a preemptive move to provide long-term protection against attack by hackers who may have significantly greater processing power at their disposal in the future. Comodo advises you to check whether your current certificate is of the required 2048 bit key length and to upgrade/replace it if it is not.
Am I Affected?
To check the key bit length of your SSL certificate, enter your domain name into the Comodo SSL analyzer at sslanalyzer.comodoca.com/. You need to look at the 'Key' row. If it states 2048 bit or higher, then you are OK.
What should I do to upgrade my 1024 bit SSL?
- For certificates expiring on or before 31st December, make sure you generate a 2048 bit CSR when renewing your certificate
- For 1024 bit certificates expiring after 31st December, please apply for a FREE 2048 bit replacement certificate. To do this, first generate a 2048 bit CSR for your domain then either:
- Create a support ticket at support.comodo.com/index.php requesting a re-issue with reference to your order number. Refer to this support page for more guidance.
- If you have a 'Web Host Reseller' or 'EPKI' account, login to your account, locate your certificate order, click the 'Replace' link and complete the application form.