Per the 23 December 2022 DoD CIO memo “Department of Defense Transition to Stronger Public Key Infrastructure Algorithms,” the DoD will cease issuing PKI certificates utilizing RSA-2048 and SHA-256 on both NIPRNet and SIPRNet on 31 December 2027 and transition to using at least RSA-3072 (4096 is preferred) and SHA-384 cryptographic algorithms.

  Title Size Updated
  DoD CIO Memo on Migration to Stronger Cryptographic Algorithms DoD CIO Memo on Migration to Stronger Cryptographic Algorithms
This DoD CIO memo, dated 23 December 2022, provides guidance to the Department of Defense (DoD) components on actions they must undertake as DoD migrates to stronger algorithms for the DoD and National Security Systems (NSS) Public Key Infrastructures (PKI).
2023 09 14