When responding to a client in an
SSL Forward Proxy session, the firewall
creates a copy of the certificate that the destination server presents and uses the
copy to establish a connection with the client. By default, the firewall generates
certificates with the same key size as the certificate that the destination server
presented. However, you can change the key size for the firewall-generated
certificate.
Changing key size settings clears the current certificate cache.