TLS server authentication: Deprecation of weak RSA certificates
Weak RSA key lengths for certificates will be deprecated on future Windows OS releases later this year. We recommend you use a stronger solution of at least 2048 bits length or an ECDSA certificate, if possible. Support for the RSA algorithm itself won’t be affected. Find details and recommended next steps in TLS server authentication: Deprecation of weak RSA certificates.
When will this happen:
- 2012: Our first advisory encourages moving away from keys shorter than 1024 bits.
- 2013: The National Institute of Science and Technology (NIST) recommends discontinuing the use of 1024-bit RSA keys.
- 2016: You’ve been able to follow our Certification Authority Guidance to start implementing longer keys, among other measures.
- April 2024: The new recommended standard is available to those in the Windows Insider Program.
- Late 2024: 1024-bit RSA keys will be deprecated to further align with the latest internet standards and regulatory bodies.
How this will affect your organization:
So far, you’ve been able to use 1024 bits as the shortest key length for RSA encryption. However, 1024-bit key lengths today provide insufficient security given the advancement of computing power and cryptanalysis techniques. Therefore, they will be discontinued in the last quarter of this calendar year.
What you need to do to prepare:
In the next few months, try one of these two solutions:
- Switch to new TLS server authentication certificates with RSA key lengths of 2048 bits or higher for all your applications or services.
- Switch to smaller and faster ECDSA certificates.
See Additional information for more details.
Additional information:
- TLS server authentication: Deprecation of weak RSA certificates
- Deprecated features in the Windows client
- Cipher Suites in TLS/SSL (Schannel SSP)
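To find the certificates the two solutions above apply to, the following PowerShell inventory (an added example, not part of the Microsoft notice) lists the local machine's server authentication certificates and flags RSA keys below the 2048-bit threshold. The store path, the id-kp-serverAuth EKU OID and the use of the .NET RSACertificateExtensions/ECDsaCertificateExtensions helpers are my assumptions; ECDSA certificates are reported but never flagged.

```powershell
# Added example (not from the Microsoft notice): inventory local machine
# certificates usable for TLS server authentication and flag RSA keys
# shorter than 2048 bits, which the notice says Windows will deprecate.
# Assumes Windows PowerShell 5.1 or PowerShell 7 on Windows; run elevated
# to see every certificate in the LocalMachine\My store.

$MinimumRsaBits   = 2048                 # threshold from the notice
$ServerAuthEkuOid = '1.3.6.1.5.5.7.3.1'  # id-kp-serverAuth (assumed well-known OID)

function Get-CertKeyInfo {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    # Use the .NET extension helpers rather than $Cert.PublicKey.Key,
    # which is not available for every key type and storage provider.
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($Cert)
    if ($rsa) { return [pscustomobject]@{ Algorithm = 'RSA'; KeyBits = $rsa.KeySize } }
    $ec = [System.Security.Cryptography.X509Certificates.ECDsaCertificateExtensions]::GetECDsaPublicKey($Cert)
    if ($ec) { return [pscustomobject]@{ Algorithm = 'ECDSA'; KeyBits = $ec.KeySize } }
    return [pscustomobject]@{ Algorithm = $Cert.PublicKey.Oid.FriendlyName; KeyBits = $null }
}

function Test-ServerAuthEku {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $eku = $Cert.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    # A certificate with no EKU extension is unrestricted, so treat it as usable for TLS.
    if (-not $eku) { return $true }
    return [bool]($eku.EnhancedKeyUsages | Where-Object { $_.Value -eq $ServerAuthEkuOid })
}

Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { Test-ServerAuthEku $_ } |
    ForEach-Object {
        $info = Get-CertKeyInfo $_
        [pscustomobject]@{
            Subject    = $_.Subject
            Thumbprint = $_.Thumbprint
            NotAfter   = $_.NotAfter
            Algorithm  = $info.Algorithm
            KeyBits    = $info.KeyBits
            # Only RSA below the threshold is affected; ECDSA certificates are not.
            Affected   = ($info.Algorithm -eq 'RSA' -and $info.KeyBits -lt $MinimumRsaBits)
        }
    } |
    Sort-Object Affected -Descending |
    Format-Table -AutoSize
```

Rows with Affected set to True are the certificates to replace before the deprecation; the same functions can be pointed at Cert:\LocalMachine\WebHosting or a remote host's exported certificate.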
Message ID: MC791462