Setting up the first server and Certifier with 4096 bit keys instead of 1024 bit
Daniel Nashed – 21 September 2016 07:33:44
Today at AdminCamp I got the question of how to register a first server and the organisational certifier with a larger key size. By default the setup process is still using 1024 bit -- I guess for compatibility.
There is a notes.ini setting that increases the key length for the organisation, server and first admin.id.
SETUP_FIRST_SERVER_PUBLIC_KEY_WIDTH=4096
You have to set this parameter in your first server's notes.ini before you start the server for the first time to do the server setup.
-- Daniel
- Comments [4]
1 Lars Berntrop-Bos 21.09.2016 13:28:31
Thanks!
2 Friedhelm Klein 26.09.2016 8:52:21
It actually still happens sometimes that there are new customers, but I admit it is currently a rare case. However this information is important to existing customers as well, e.g. when you set up an extra domain for testing purposes, Traveler or Sametime.
Thanks to Daniel for the update to my AdminCamp session. I wonder what a setting of 4096 will do to the 1st Server and Admin, as they are restricted to 2048 Bits, only certifiers can be 4096 bit wide.
3 David Kern 22.02.2017 0:43:25
@Friedhelm - Servers and certifiers cannot (currently) be created with strengths above 2048 bits for performance reasons - you would need some truly impressive hardware to want to use 4096 bit RSA keys on a high traffic server. However, larger key sizes are supported - you just cannot create them with the current version of Notes/Domino. See the first line of the first table in this wiki page for details.
https://www-10.lotus.com/ldd/dominowiki.nsf/dx/supported-key-sizes-in-notesdomino
4 David Kern 22.02.2017 22:43:40
Just FYI - the default key size for "first server setup" changed from 1024 bits to 2048 bits in 9.0.1 FP7.