allows export clients to communicate with the secure server even if the server
certificate does not support export clients (1024-bit certificate). If you want
to prevent export clients from accessing the secure web object and/or resource,
you need to disable ephemeral RSA key exchange.
By default, this
feature is enabled on the NetScaler appliance, with the refresh count set to
zero (infinite use).
RSA key is automatically generated when you bind an export cipher to an SSL or
TCP-based SSL virtual server or service. When you remove the export cipher, the
eRSA key is not deleted but reused at a later date when another export cipher
is bound to an SSL or TCP-based SSL virtual server or service. The eRSA key is
deleted when the system restarts.