Does XCOM support 4096 bit keys for SSL certificates?

Document ID : KB000011054
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Is there a restriction within XCOM on the use of 4096 bit keys for SSL certificates?

Does it support the higher encryption strength (i.e. 4096 bits) for all the certificates in the validation path (i.e. root, intermediate, personal)?

Answer:

XCOM doesn't concern itself with the keys. It calls the openssl API which does the trick. Since the openssl API is the same on all platforms then you should not have any problems using 4096 bit keys. You might of course notice a slight performance loss due to longer encryption and decryption times during the transfer, but we are unable to say to what extent that loss might be.