1. Security Guide
  2. About Supported Values for Certificate Encryption Keys

About Supported Values for Certificate Encryption Keys

A certificate authority certifies ownership of the public and private key pairs that are used to encrypt and decrypt TLS communications. Messages are encrypted with the public key and decrypted with the private key. The certificate key size refers to the size, in bits, of the encryption key provided with the certificate.

For TLS authentication in a Siebel Enterprise, Siebel Server, or Siebel Application Interface, Siebel Business Applications support certificates that use an encryption key size of 1024 bits by default. You can use a higher encryption key size, such as 2048 or 4096 bits, as well.

The size of the certificate key supported depends on the components for which you are configuring TLS communications. The following table shows the certificate key sizes supported for communications between different components in a Siebel Business Applications deployment.

TLS Communication Type

Supported Key Size

TLS communications between the Siebel Server and the Web server (Siebel Application Interface), and between Siebel Servers.

1024-bit certificate keys are supported by default.

Certificate key sizes larger than 1024 bits, such as 2048-bit or 4096-bit keys, are also supported.

TLS communications between Web clients and the Web server.

The acceptable protocols and key sizes are determined by the underlying operating system and Web server software. In most cases, these systems support larger private key sizes.

TLS communications between developer clients (including Siebel Tools) and components in the Siebel environment.

1024-bit certificate keys only are supported.

TLS communications between the Siebel Server and the Siebel database.

The key size supported is determined by the third-party database used and database client software.

TLS communications between Siebel security adapters and external directory servers.

These connections can support larger bit sizes for certificate keys.

TLS communications for Web services.

Web services support up to 4096-bit certificate keys.