When responding to a client in an
SSL
Forward Proxy session, the firewall creates a copy of the
certificate that the destination server presents and uses the copy
to establish a connection with the client. By default, the firewall
generates certificates with the same key size as the certificate
that the destination server presented. However, you can change the
key size for the firewall-generated certificate as follows: