Frequently Asked Questions


Can my LoadMaster support 4k/4096 bit SSL certificates?

LoadMaster currently supports key sizes higher than 2048 bit, however increasing the key size reduces the SSL TPS performance non-linearly, so performance with a 4096 bit key will drop substantially (by at least a power of four) compared to a 2048 bit key. In order to achieve the same performance with larger keys, more powerful hardware will be needed.

However, as indicated by NIST (page 66), 2048 bit keys has a security lifetime until 2030. (RSA keys are under the heading IFC in Table 4) In paragraph 2 on page 65, the document discusses the need for security vs. impact on operations: "In many cases, a variety of key sizes may be available for an algorithm. For some of the algorithms (e.g., public key algorithms, such as RSA), the use of larger key sizes than are required may impact operations, e.g., larger keys may take longer to generate or longer to process the data. However, the use of key sizes that are too small may not provide adequate security."

Start Powering Your Always-on Application Experience Today

30-Day Free Trial Contact Sales