Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

What is the best! security & Performance For key size for the intercept SSL?



What is the best! security & Performance  For key size for the intercept SSL?


I know the height of the key size such as RSA(4096 Bits) Best security. But there is no server that uses this size for encryption and decryption. Although security is important but we must also pay attention to performance; a secure service that does not satisfy performance criteria will no doubt be dropped. See:


My question specifically, When intercepting SSL Certificates intercepted are signed by the root certificate, The root certificate will be a key size RSA(2048 Bits) or RSA(4096 Bits). Now FortiOS 5.4.8 & 5.6.3 Uses a certificate by default (Fortinet_CA_SSL) size RSA(2048 Bits) but i want use root certificate RSA(4096 Bits) Because it's better security and longer time to use and deploy to a large enterprise. If used root certificate RSA(4096 Bits) Is that affects performance or the client? 


 I do not understand well what happens when intercepting SSL. I know inspect HTTPS traffic operate by acting as transparent proxies. They terminate and decrypt the client-initiated TLS session, analyze the inner HTTP plaintext, and then initiate a new TLS connection to the destination website. See page2:


But when encryption between the client and the firewall, Is the server key or root key used?


Symantec recommends that customers use RSA keys of size 2048 bits or higher, or Elliptic Curve keys on curves of size 224 bits or higher. See page 13: 


Apple Root Certificates uses RSA(4096 Bits) see: Apple Root CA - G2 Root Certificate and Also Amazon and Comodo and others.


I will use Root certificate with key size RSA(4096 Bits) with The signature algorithm SHA 384. And not RSA keys of size 2048 bits with  SHA 256. 

Is this better, does it affect performance or client ? And why? 


Please answer of experts what is the best? 


Appreciate your help.








Esteemed Contributor III

But when encryption between the client and the firewall, Is the server key or root key used?


The CA root-key is never exposed to the client. The root-key used during the signing and  validation of the issued-certificate.


The SSLclient  is going to negotiate master-key  for the session and only by the public-key  of the web server for example.

issuing a  certificate from a RootCA that use 4Kbits or more is  not going to make your more protected or less.


As far as  CA that uses 4096 they are few but they do exist. I would way the needs of what you think you need and performance.


run opens speed and select  various key sizes and you we se the  "longer" times




openssl ssl sped rsa2048



or even 1024


Check out a previous blog on examples of running  comparisons







PCNSE NSE StrongSwan
Top Kudoed Authors