PRB: Windows Enforces SSL Key Size Limits (274114)
The information in this article applies to:
- Microsoft Win32 Application Programming Interface (API), when used with:
- the operating system: Microsoft Windows 95
- the operating system: Microsoft Windows 98
- the operating system: Microsoft Windows Millennium Edition
- the operating system: Microsoft Windows NT 4.0
- the operating system: Microsoft Windows 2000
- the operating system: Microsoft Windows XP
This article was previously published under Q274114 SYMPTOMS
Secure socket layer (SSL) private/public key pair sizes cannot exceed the key size limit that is listed in the following table. If the size limit is exceeded, the server will terminate the connection during the SSL negotiation phase. |
| Windows 95, Windows 98, Windows Millennium Edition, Windows NT 4 | 2,048 bits | | | Windows 2000, Windows XP | 4,096 bits | |
MORE INFORMATIONSSPI/SSL Considerations
If the SSL key size is exceeded, Security Support Provider Interface (SSPI)/SSL server applications receive a "SEC_E_INTERNAL_ERROR" when calling InitializeSecurityContext().
Socket-based SSPI/SSL clients that instigate this error often see a return code of "WSAECONNRESET" on a call to recv() during SSL authentication.
| Modification Type: | Minor | Last Reviewed: | 9/27/2004 |
|---|
| Keywords: | kbAPI kbKernBase kbprb kbSecurity KB274114 |
|---|
|