New Standard for SSL Certificates Industry standards set by the Certification Authority/Browser (CA/B) require that certificates issued after January 1, 2014 MUST be at least 2048-bit key length.
Some browser SSL implementations may reject keys less than 2048 bits after January 1, 2014.
Additionally, some SSL certificate vendors may revoke certificates less than 2048 bits before January 1, 2014.
Beginning with 08.0.03 the default certificate was changed to use a key with 2048 bit length.
To regenerate an old default certificate use the CLI command ""ip https certgen"" and restart the https server or the device.