Moving to a 2048-bit certificate
New Standard for SSL Certificates Industry standards set by the Certification Authority/Browser (CA/B) Forum require that certificates issued after January 1, 2014 MUST be at least 2048-bit key length.1
Why? As computer power increases, anything less than 2048-bit certificates are at risk of being compromised by hackers with sophisticated processing capabilities. The cybersecurity industry is moving to stronger 2048-bit encryption to help preserve internet security.
Action Required: What do I need to do?
If you have any 1024-bit certificates or certificates with less than 2048-bit key length, you will need to migrate to 2048-bit key length by October 1, 2013*. Depending on when your certificate(s) expires, you'll need to take either of the actions below.
- New Certificates or Renewing before January 1, 2014 - use a 2048-bit Certificate Signing Request (CSR) when you buy a new certificate or during the renewal process
- Certificates that Expire after January 1, 2014 - you'll need to reissue your certificate with a 2048-bit key length by October 1, 2013. It is FREE to reissue a certificate and you'll still get all the time remaining on your current certificate. Please note: If you are an Enterprise Customer, please go to the GeoCenter login page and reissue your certificate within the console.
Do you have certificates with less than 2048-bit key length?
Use the SSL Certificate Checker (powered by Symantec) to check the key length on your current SSL certificates.
Can your server handle a 2048-bit certificate?
Longer key lengths require more server power and not all systems can handle a 2048-bit SSL certificate (if you're already running 2048 certificates, move on to step 3). You can easily test your system by requesting a GeoTrust test certificate with a 2048-bit key length. Get a test certificate. If you can't install the test certificate, contact our support team for help.
Generate your CSR
- Go to the GeoTrust Renew or Reissue Portal, login, and renew or re-issue your certificate.
- Renew - certificates that expire December 31, 2013 and earlier with a 2048-bit key.
- Reissue – All certificates with less than 2048-bit key length that expire after January 1, 2014
- Enterprise customers only: Log in to Geocenter to renew or reissue your certificate within the console.
- Visit our support center
- Email us
- Chat online with sales or support
- US/CA/Latin America: 866-511-4141
- Europe, Middle East, and Africa: +44 203 0240907
- Australia 61 3 9914 5661
- Asia-Pacific: +03-5114-4776
There are several ways to get help.
*GeoTrust has decided to begin revoking certificates with less than a 2048-bit key length on October 1, 2013 to avoid potential problems for customers that will be impacted by site code lock-downs due to the holiday season.