Forum Discussion
2 Replies
Sort By
- Steve_87232NimbostratusAnyone have an update on this? Does 10.x support 4096? I can't seem to verify the answer.
- hooleylistCirrostratusHi Steve,
Apparently for client or server SSL, you can use certs/keys larger than 2048 bits if you use software SSL decryption:
From case C564817:
You can specify a cipher string of "DEFAULT:!NATIVE" and the "!NATIVE" will rule out using the acceleration card and just use software.
This is also noted in SOL10580:
SOL10580: The SSL key size is limited when using hardware acceleration
https://support.f5.com/kb/en-us/solutions/public/10000/500/sol10580.html
If you open a case with F5 you can ask to have your request added to CR124105.
Aaron