Support:Be careful when using your own Device Certificate

From innovaphone-wiki

Jump to: navigation, search

Contents

[edit] Applies To

This information applies to

  • all innovaphone Device with certificates

All builds


[edit] More Information

[edit] Problem Details

When using TLS, the device's own device certificate is used during connection establishment. The default certificate shipped with our devices has a key length of 1024 bit. If you replace that with your own certificate, be sure you know what you're doing. Certificates with longer key length can dramatically increase CPU load on the device when using TLS. This is a property of the RSA algorithm.

Also certificates with SHA1, SHA224 or SHA256 hashes create lower CPU load than SHA384 and SHA512 certificates.

[edit] Resolution

If you use your own device certificates, be sure to use the same key length.

[edit] Related Articles

Reference11r1:Certificate_management#Certificate_Key_Length_and_CPU_Usage

Personal tools