sslcryptographyrsassl-certificatecsr

What RSA key length should I use for my SSL certificates?


I'm in the process of creating a CSR, and I wonder which is arguably the best length for my RSA key.

Of course, 384 is probably too weak, and 16384 is probably too slow.

Is there a consensus on the key length one should use, depending on the certificate lifetime?

Edit : Like most people, I want my key to be reasonably strong. I'm not concerned that the NSA could maybe break my key in 2019. I just want to know what's the best practice when one plan to do normal business (for example an e-commerce site)


Solution

  • As of 2020, RSA keys should be 2048 bits.

    1024 bits

    2048 bits

    3072 bits

    4096 bits

    Extra