OK so it seems I have a couple options. Find a CA that accepts 1024 keys or go through the process of using IIS to gen the 2048 request. After the request is processed and installed on the IIS server I can export it using the MMC certificates snap-in and the intermediate certs if needed .... then import the certs into the CAG I found a link that should help me out http://www.adrianmyatt.com/joomla/index.php?option=com_content&view=article&id=4:how-to-install-a-certificate-on-load-balanced-citrix-access-gateways&catid=40:citrix-access-gateway&Itemid=10 It looks like the intermediate certs will be exported using the MMC and then imported into the trusted root certs on the CAG ... I should know by the end of the day if one of these options work. Thanks all Brad On Thu, Sep 17, 2009 at 2:39 AM, Andrew Wood <andrew.wood@xxxxxxxxxxxxxxxx>wrote: > Entrust, Freessl, Thwate, Verisign all still offer 1024 – what I did > notice with Entrust was that if I got a cert over a year it would only issue > 2048 bit certs – but 1024 if I kept it to a year. > > > > Hth > > > > > > *From:* thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] *On > Behalf Of *brad salazar > *Sent:* 16 September 2009 21:53 > *To:* thin@xxxxxxxxxxxxx > *Subject:* [THIN] Help - GoDaddy doesn't support 1024 CSR requests > > > > > > I have an older CAG vers 4.56 but need to install a cert. It only allows up > to a key length 1024 yet GoDaddy only accepts CSR of 2048. Has anyone run > into this yet and have a workaround or another SSL CA that still uses 1024 > cert request. > > > > Thanks all > > > > Brad >