Changing minimum RSA Key size

Hello, I am running into the same issue as discussed on this thread:

I was wondering how, if possible, would I be able to change the minimum required RSA Key length on my OpenSerach server end (lower it to 1024 bits), instead of increasing the Key size from my OIDC IdP?


Hello @user123

Based on the answer from the mentioned thread, I find that issue is not related to security plug-in but to Apache CXF. 2048 limit is defined in Apache code.

In that case, the only solution is to change the key size in your OIDC IdP.


thanks for your reply. Is there a config anywhere to change that CXF parameter? Or perhaps something in the “” config file in the OpenSearch source code? My company’s IdP uses 1024 bits and is having issues increasing the length at the moment, and I’d like to continue devs on my side.

Hi @user123

I’m not aware of such a possiblity.