The Certification Authority/Browser Forum has mandated that Certification Authorities discontinue supporting anything less than 2048-bit certificates for both SSL and Code Signing by the end of December 2013.
Customers with certificates expiring in 2014 or later need to replace and
upgrade all certificates less than 2048-bit key length with 2048-bit RSA/DSA or 256-bit ECC certificates by October 1, 2013. All existing certificates less than 2048-bit key length will be revoked sometime after October 1 but before 12/31/2013. This is in compliance with .
To make this transition as easy as possible below are a few helpful resources:
Tools for generating a new CSR for a compliant certificate.
Easily determine the key-length of your certificates.
Learn how to install a certificate on a variety of servers.
Track and manage all SSL/TLS certificates in your ecosystem.