FAQ: Key Sizes/Certificates Supported by ADC
Article ID: CTX206268
Updated On:
Description
Q: What are the key sizes/certificates supported by ADC?
A: An MPX appliance supports certificates of 512 or more bits, up to the following sizes:
- 4096-bit server certificate on the virtual server
- 4096-bit client certificate on the service
- 4096-bit CA certificate (includes intermediate and root certificates)
- 4096-bit certificate on the back-end server
- 4096-bit client certificate (if client authentication is enabled on the virtual server)
A VPX virtual appliance supports certificates of 512 or more bits, up to the following sizes:
- 4096-bit server certificate on the virtual server
- 4096-bit client certificate on the service
- 4096-bit CA certificate (includes intermediate and root certificates)
- 4096-bit certificate on the back-end server
- 4096-bit client certificate (if client authentication is enabled on the virtual server)
The following is the behavior on ADC SDX appliance:
- If VPX instance has at least one SSL chip assigned to it, then it supports certificates as supported by a MPX appliance
- if VPX instance has NO SSL chip assigned to it then it supports certificates as supported by a VPX appliance
Note: FromĀ Citrix ADC 13.0 build 79.64 and onwards we supportĀ 4096 client certificates on VPX
.
Issue/Introduction
This article answers the frequently asked question about the key sizes/certificates supported by ADC
Additional Information
Citrix Documentation - Server Certificate Support Matrix on the NetScaler Appliance
Was this article helpful?
Yes
No
Powered by
