SSL-certificate Knowledge Base
-
What is an SSL-certificate?
What is an SSL? SSL (Secure Sockets Layer) - is an encryption technology that was originally invented by Netscape. SSL…
-
What is a Certificate Authority (CA)?
Certificate Authorities, or CAs, are authorities involved in the issuing of the digital certificates. Digital certificates are small data files…
-
How to renew an SSL-certificate
You will be able to renew the certificate for 30 days before it expires. Renewals requires not only pay for…
-
How to order an SSL-certificate? What is required?
Ordering of an SSL Certificate may turn to be a very simple or a very complex process. Simplicity of the the…
-
What are the high assurance SSL-certificates?
High assurance SSL-certificate - is a basic type of certificate, which is frequently issued by CA's. Before the certificate can be issued, Certificate Authorities…
-
What are the reasons for re-issue SSL certificate?
SSL-Certificate Reissue performed in order to maintain the privacy SSL-Certificate if it is moved, or if the SSL certificate information…
-
Cryptographic hash functions in details
The hash function is a one-way function, which means it cannot be converted from current values to the original content. A good example of…
-
Wildcard SSL and SAN – what is the difference between the two SSL certificates?
If you require an SSL-certificate, which is suitable for multiple domains, then you have two options: wildcard certificate or a…
-
DROWN-attack able to cut down a third of the network websites
Recently a new vulnerability hole was discovered and it was named Heartbleed, and now we are facing a new exploit. DROWN, new…
-
Symantec Seal-In-Search: what is it and why is it necessary?
User safety is an important aspect for social networks, simple blogs, business and government websites. If the user trusts in your…
-
The main advantages of EV-Certificate for Business
EV SSL-certificate - one of the most advanced security certificates, which offers 256-bit encryption, as well as the green address…
-
Mixed Content Error: where does this error appear and how to get rid of it in Google Chrome
You may have previously encountered such error as Mixed Content Error. In this article, we will explain you how to…
-
PKI: an ideal solution or source of the problem?
We are all now aware about the PKI (public key infrastructure). Each day, larger number of companies establish their first PKI…
-
How to get an SSL-certificate?
To protect your website from hackers, you must get the SSL-certificate. How to do it? There are several ways to…
-
What is an intermediate SSL-certificate? How it is used?
Trusted Root CA certificate can be used for the purpose of creation another certificate which would be used for the issuing…
-
What is the Site Seal SSL?
Site Seal refers to a static or dynamic image located on the SSL-protected Websites and allows users to understand whether or…
-
What you should know about SSL
The growth of cyber-attacks and the widespread news about watching by governments has resulted to the fact that the network…
-
Attackers can exploit the vulnerability in StartSSL for issuing SSL certificates
Recently, security experts have found a serious hole in the domain verification, which was discovered in the StartSSL. The detected…
-
SSL-certificate as an integral part of any business
Studies shown that one in four people do not trust online sellers and will not make a purchase or provide…
-
Google has made the list of untrusted providers of digital certificates
In an effort to improve trust in the web, Google released a new tool for tracking fraud CAs. Google has…
-
Why it is essential to use a Certificate pinning
Not so long ago the Netcraft, a company that scans the network, has released its "rebuke" for system administrators because…
-
Revoked TLS certificates can still be compromised
Security researchers working for the company Sucuri, have decided to revise the report, written back in 2012, dedicated to the…
-
Verification via email to issue SSL-certificates
Verification of certificates based on an confirmation of email account ownership is the most common certificate validation mechanism used by…
-
What is a PKI and where it is used
Public Key Infrastructure (PKI) is a common approach of encryption and authentication. This approach is used by a small businesses as…
-
How to use PKI and why is it important in the corporate sector
The cost of PKI implementation solely depends on each setting, but there are some costs that are common. In regards…
-
What are the pros and cons of the Wildcard SSL Certificate?
Wildcard SSL-certificates are designed to protect an unlimited number of sub domains on one domain name. This is very beneficial for…
-
Google, Microsoft and Yahoo want to make email resistant to MITM attacks
In the era of Apple vs FBI and large-scale hacking on a regular basis, many people are beginning to realize…
-
Popular questions about the root and intermediate certificates
In the following article we have compiled the most popular questions related to the root certificate. Q: Should I install the…
-
Self-signed SSL-certificate: a threat for business
You may want to use a self-signed SSL-certificate on your website. This will allow you to save some money, because you…
-
Best practices of SSL-Certificate Management
How to manage SSL-certificates to achieve effective protection of the web site? We will review current methods and established practices in this…
-
Popular warnings in browsers, related for SSL-certificates
If you visit various sites and make purchases, then you should be aware of how important could be notifications of the…
-
Why do you need to install an SSL certificate on a site
Before you start your online business, it is important to purchase the SSL-certificate. SSL - Secure Socket Layer, it helps…
-
Do I need SSL-certificate for my business or my site?
Should I use an SSL-certificate to protect website or business? Many people have asked about this. Companies must ensure that…
-
Visual cues that carries the SSL-certificate
Hacking, theft of personal data, as well as all other types of cybercrimes is constantly happening around. Attackers are trying…
-
VeriSign SSL – why these certificates so expensive?
Most likely you have already faced with Verisign SSL certificates. Many sites displays VeriSign’ Site Seal. Seal - is a…
-
What happens if you lose your private key?
SSL means the process of protection for certain information by using encryption. Encryption is a mathematical process of coding and…
-
Protect login forms with an SSL certificate
How to deal with the attacks on the login form? Many people ask this question, because the problem is one…
-
How SSL-certificates help keep the site secure
Protection of the website and customers is the one of the most important milestones in everyday functioning of online stores and…
-
DV SSL-certificates: what is it?
Domain Validated SSL Certificates (short DV) - are certificates that have the lowest level of validation among commercial CA certificates.…
-
Which fields includes the certificate?
Certificate consists of fields and a set of extensions (version 3). Structure of fields is linear, though some fields may…
-
Which extensions can have a certificate?
Certificate extensions were introduced in version 3. They will add flexibility to the past quite a limited format of the…
-
Sidejacking and how to beat it with SSL
Sidejacking - a special kind of theft, where an attacker intercepts traffic of user sessions, ie, for example, the traffic…
-
Why is there a huge number of invalid certificates?
The spread of invalid certificates is wide enough. It is difficult to find anyone who has never encountered them. Here…
-
Security Indicators, which provide SSL-certificates
Security indicators are the important elements of the user interface that allow you to verify that the page is secure. Indicators…
-
6 vulnerabilities in OpenSSL have been fixed
OpenSSL cryptographic library has released an update which will fix the six discovered issues. Only two of them are labeled…
-
Key management best practices for SSL
Key Management is the one of the major issues that affect the security. The most successful attacks are related to…
-
How to choose a reliable certification authority?
Small websites that need an average DV-certificate, can request it at any of the certificate authorities. Their task as simple as buying the cheapest…
-
How to perform a revocation of SSL-certificate?
SSL-Certificate Revocation procedure. When is it required? Revocation of the certificate is often used by companies, when they want to replaced…
-
Fraudsters use SSL-certificates for phishing
CAs provides the SSL-certificate to owner of fake domains used in phishing against known online stores and banks. Just in…
-
What additional vulnerabilities can appear as a result of using Wildcard SSL-certificate?
Wildcard-certificates can lead to additional security issues. Wildcard-certificate is a certificate that contains a server name as a possible name that…
-
Installing SSL-certificate and IP-addresses: what you should know?
What is required before installing the SSL-certificate? Let's look deeper into this question. SSL-requires a dedicated IP-address. SSL-certificate could only be installed…
-
What Trust Logos are credible for users?
Third-party trust marks are used on most commercial sites, to convince customers that they can carry out purchases in safe…
-
Error with SSL at the opening of Facebook and other sites, indicating an invalid security certificate
Today our agenda is to review a problem that occurs when you try to open a site over HTTPS (for example,…
-
Name Mismatch Error in SSL-certificate: how to fix this error?
Name Mismatch Error indicates that the Common Name (domain name), which is provided in the certificate does not match the address…
-
Most banking applications exposed to threats
Smartphone owners are accustomed to trust your applications, especially if they relate to the banking sector. However, according to experts…
-
The presence of the SSL-certificate: improve the search rankings or not?
To understand the problem, we must start with its origins. I analyze the news from authoritative sources (in order not…
-
What problems can address SSL certificate?
Many of us love to chill out in a cafe or somewhere outdoors, while surfing through the web pages by…
-
Why should you purchase an SSL-certificate?
Possession of SSL-certificate has become a necessity for the sites which are designed to interact with the user's personal data. SSL-Certificate appearance…
-
The transition to the use of TLS in payments for compliance with the PCI
PCI SSC has officially announced the postponement of the deadline for the use of unsecure cryptographic SSL protocol with the…
-
Using SSL-certificate for protects against breaking of passwords on the site
A common way to hack the site - get passwords to the administrative panel of the site. Basically passwords obtained…
-
Only a quarter of users ignore the warnings about the security in the browsers
Internet users appeared to be more attentive to security issues than previously thought. Only a quarter of Google Chrome and…
-
Re-issue of the certificate due to setting domain name without the www
When obtaining an SSL certificate, you must specify the domain name. Often domain name specified without the www, which creates…
-
The purpose and function of SSL certificates
Today let's talk about the purpose of the SSL certificate and what role it plays in the implementation of a…
-
Symantec Certificates are now issued free of charge
Now you do not need to pay for DV (domain validated) TLS / SSL certificates (hereinafter referred to simply «TLS»).…
-
The benefits of creating your own Certificate Authority
Using your own digital certificates to internal corporate networks, such as intranets and the VPN, enable your business to save…
-
Interception SSL via the proxy server
Many people believe that SSL is the golden standard in network security. Yes, SSL helps protect you from different problems,…
-
The problems that come when renew SSL-certificates
SSL-certificate renewal is often a rather complicated process. In this article we will describe some of the problems that you…
-
The HTTPS protocol – why you should move on it?
Data transfer over HTTPS does not give attackers: Intercept data, because they are transmitted over an encrypted channel. When data…
-
Why all websites should work on https (and does not work on http)
There are two popular protocol which works with sites: http - very simple, and https - the same as http,…
-
Problems with the implementation SSL in enterprises and ways of traffic control
It is obvious that there are legitimate reasons to encrypt inbound / outbound enterprise traffic. But encrypted traffic also poses…
-
Comodo is trying to get the brand Let’s Encrypt
The non-profit certification authority Let's Encrypt, controlled by community and provides certificates for free to all comers, revealed information about…
-
Malware exploit SHA-2 certificates
Rejection of the SHA-1 certificates had an impact not only on the owners of sites and software vendors, but also…
-
One-way authentication – protection from phishing
Using the protocol SSL (Secure Sockets Layer) provides secure communication between Web-server and users. Despite the fact that the protocol…
-
Do you need a SSL-certificate with Extended Validation?
If your company - a major Internet project, you need an SSL certificate with Extended Validation. This certificate is the…
-
HTTPS Proxying and its features
The HTTPS protocol, which is a combination of standard data web protocol HTTP and cryptographic protocol SSL is almost the…
-
Stand-alone certification authority in Windows Server
Each administrator will sooner or later faces the need to provide the secure exchange of information over the Internet, external…
-
EV certificate to protect against phishing
Internet fraud has become more coordinated and sophisticated, eroding consumer confidence, which is so necessary in the Internet business. Phishing…
-
SSL to protect the enterprise network: Why EV?
SSL certificates with Extended Validation provide a higher level of confidence and reliability than simple DV certificates with domain verification…
-
The main problems associated with the transition to HTTPS
Switch to the protocol https is like to change the domain name of the site. You are waiting for the…
-
Correct installation of SSL-certificate: how to verify this?
Never information is transmitted as quickly as today. Transfer of funds from the account, send an order or document can…
-
How to choose an SSL certificate?
Today we get a variety of different certificates for secure websites and resources, each of them has its advantages. From…
-
Renewal of SSL-certificate: how to do?
Many users have successfully implemented and using SSL-protection system. SSL-certificate installed on all resources of organization, and it provides cryptographic…
-
How and When Apply SSL-certificates?
The decision on the use of SSL certificates is based on the importance of ensuring the confidential transmission of data…
-
Fraudsters use StartEncrypt to obtain SSL-certificates
If the title makes someone a slight feeling of déjà vu, it is not surprising. In March 2016 the Israeli…
-
Fake trust seal on sites with SSL: how to avoid danger?
Official trust seal attests that the website is authentic, and shall be issued by a third party - usually a…
-
Error with SSL certificate verification. Why it appears?
SSL validation error occurs in the Opera web browser if your computer is unable to verify the certificate of the…
-
General description of the SSL certificate and its purpose
SSL certificate - is a technology that provides a coded connection between the server and the web browser. In other…
-
Digital SSL certificates and their management
Thanks to the SSL-certificate users around the world can exchange confidential information, secure in the knowledge that it is protected…
-
SSL is not a guarantee of complete safety
Despite the fact that SSL is an encryption protocol, a security measure designed to hide and protect the traffic between…
-
Chinese CA issued SSL-certificate for Github domain to simple user
An applicant may receive a free SSL-certificate for the base domain, if he can confirm the control of a subdomain.…
-
More than 40% of attacks targeted on SSL encryption
The new report showed the risk of lack of validation of encrypted packets. There is an important clause of the…
-
TLS-encryption of e-mail client
Due to the fact that for sending email messages SMTP standard does not use any encryption or authentication procedure, any…
-
Note: encrypted traffic can be a threat!
Without any sane strategy to manage encrypted traffic, you can be vulnerable to attacks and leakage of critical data. The…
-
Error of SSL connections – what to do and how to fix it?
First, let's understand what it is. SSL - a cryptographic protocol which makes connection more secure. Sites that use the…
-
False CONNECT vulnerability allows MitM-attack and intercept HTTPS-traffic
The problem is caused due to errors in the implementation of proxy authentication procedures used in the software of different…
-
CloudFlare insists on encryption
Last week for CloudFlare was held under the motto of strengthen cryptographic connections to its global CDN-network. The company has…
-
Japanese researchers have developed a method of data encryption for smart home
Scientists from the Japanese Tohoku University have created a new method of encrypting information transmitted in smart home systems, and…
-
Apple denied a certificate trust of WoSign
Apple has exacerbated the deplorable situation of the WoSign, announcing that soon will withdraw confidence to its free intermediate SSL-certificates…
-
Mozilla reduces the risk of rolling back encryption on Firefox
Over the past year was discovered several methods of attack on the encrypted channels, based on the decrease in the…
-
Error with GlobalSign certificates led to massive problems with HTTPS-sites
GlobalSign's success as a root certificate authority this week was staggered. Certification Center was unable to maintain the usual protocols.…
-
PCI DSS 3.2: what you need to remember?
PCI Security Standards Council describes the main requirements for PCI DSS 3.2 - update, which is aimed at the business.…
-
Automating backup for the SSL-certificate: businesses need protection after an incident with Globalsign
Company's existing online, decided to reduce their dependence on individual CAs using backup automation. A huge number of sites have…
-
Mozilla switches to TLS 1.3 in browser Firefox 52
Mozilla plans to implement a new version of the TLS specification in Mozilla browser. TLS 1.3 will go along with…
-
Mozilla bans Chinese WoSign – Firefox no longer trusts their SSL-certificates
Starting in January, any site that uses the new certificate from the Chinese CA WoSign will have a problem with…
-
Google refused to trust certificates WoSign and StartCom
Following a similar decision taken by Mozilla and Apple, Google decided to abandon the new digital certificates issued by the…
-
Opinions about deprivation of trust to the two major CA – WoSign and StartCom
Effect of withdrawal of confidence in the two CA - WoSign and StartCom - are unusual. RiskIQ, security vendor, has…
-
What you need to know about the upcoming Google updates security
On the threshold stands a new security update at Google, but it does nothing new for us. Google is actively…
-
Comodo launched a new platform for certificate management
Digital certificates are an essential part of online security. The number of "internet of things" devices continues to grow, so…
-
SSL-certificate with SHA1 will be deprecated in 2017
Last days of SHA1 SSL-certificates is coming. Certificates of this type based on a cryptographic hash, which is calculated using…
-
Certificates Transparency: what you should know about it
Recently, we saw a lot of news about the certificates transparency. For example, the Google will make it mandatory in…
-
How exactly will be called the next version of the TLS?
Will there be a version called TLS 1.3, TLS 4 or something else? Work on the next version already being…
-
All new Tumblr blogs are created by default with SSL
Even in 2014, Tumblr wrote that they will add the SSL, the standard protocol for establishing secure connections in Web.…
-
Automattic preparing a major change in the field for the SSL WordPress for web hosting companies
The aim of Automattic – to do everything that the services you use will be safe. The company, which is…
-
Symantec SSL Certificates displays error due to a bug in Chrome
Bug on Chrome, revealed recently, led to errors when accessing HTTPS-sites from personal computers, as well as Android devices. Discovered…
-
Why cannot ignore security alerts associated with SSL-certificates
Be sure to keep in mind the simple truth: in any case it is impossible to ignore the security notices…
-
Comodo became partners of cPanel
Comodo and cPanel became partners, that allowing includes the ability to produce free AutoSSL TLS / SSL-certificates. This approach allows…
-
Facebook is working with companies to identify fake SSL-certificates
Facebook recently released a tool that is aimed at the detection of TLS / SSL fake certificates issued without the…
-
Protecting private keys has become the new standard
Certificate Authority Security Council recently renewed the minimum requirements for code signing, which apply to all certification centers. Previously, no…
-
Symantec shared thoughts about cybersecurity in 2017
According to Symantec, the new year will be a new era of cybercrime. The volume of malware will only increase.…
-
Drones is now getting digital TLS / SSL certificates
Trusted certificates are now spread to drones. A few days ago will be released the new service, which will validate…
-
The SSL-certificate for online shopping: do not take off without it!
Since the distant nineties to the present day, all web users are thinking about security. It is strange to assume…
-
Encrypting email – it always necessary certificates?
Not every email address with which you want to exchange secure email, have a valid certificate. In this case, to…
-
What you need to do to protect your site with SSL-certificate?
You work with the user data on your site? Are they secure? When a user enters credit card details or…
-
Your connection is not private – how to deal with this bug in Chrome
If you have encountered an error «Your connection is not private» in Chrome and understand that the page reload not…
-
What you need to check before buying the SSL-certificate
SSL - a popular tool to ensure internet security. Using SSL on all sites work as a shield for the…
-
SSL and HTTPS in 2017 – an important factor for ranking sites
A little bit of statistics: In 2004, Google announced that HTTPS should be used for each site in the web.…
-
Content site. No forms. Do I need an SSL-certificate for it?
As follows from the recommendations of Google, you must be sure to use the SSL-certificate on all Web sites. This…
-
9000 erroneously issued GoDaddy SSL-certificates have been revoked
An error occurred on Tuesday, led to the situation that GoDaddy was forced to withdraw a few thousand issued SSL-certificates.…
-
Important: The experts got the first collision of SHA-1
Rejection of the standard was too slow. On February 23, researchers, members of the Dutch Institute CWI, as well as…
Comments