A Fully Qualified Domain Name (FQDN) is a domain name that specifies the exact location of a host within the tree hierarchy of the Domain Name System (DNS). In this scenario, ‘qualified’ means ‘specified’ since the full location of the domain within the DNS tree of hierarchy is specified in the name. If the name isn’t fully […]
Author: Mitchell Cornish
EV SSL Certificate syntactic error clarified

A group of self-selected researchers used CT logs to seek out syntactical errors among EV SSL certificates recently. Examples of syntactic errors include a misspelled city/state, registration of jurisdiction including the applicant’s city/state or the inclusion of a value in a field that should be left blank. Unfortunately, when such syntactic errors are found, CA/Browser […]
SSL common name mismatch error explained

What Is an SSL Common Name Mismatch Error? In the event there is a common name mismatch error when you land on your website, then the common name or SAN on your SSL Certificate does not match the domain or address bar in the browser. The message that appears will depend on the browser being used. Google […]
Digital Signature – what is it and how does it work?

A Digital Signature is a form of online encryption that ensures a message does not have its contents altered or tampered with during transit. It is the most secure and advanced form of electronic signature available. When your server digitally signs information it sends, it adds a one-way hash using the public and private key pair. This means that […]
SSL & TLS – what’s the difference?

Here at Trustico, we are often asked by our customers if we offer TLS certificates, as our website only advertises ‘SSL certificates’. This is a completely reasonable question for those not well-versed in cryptographic protocols. After all, if your web host asks you for a TLS certificate and you see search results mostly for SSL […]
How OCSP stapling works and why you should use it

OCSP stapling is an optional feature on most server types, often enabled by default. Let’s find out what it is, how it works, and why you should use it. What is OCSP stapling? SSL certificates encrypt Web communications so we can trust websites with our private information. But how do we know which SSL certificates […]
UCC SSL/TLS certificates explained

A Unified Communications Certificate (UCC) is a type of SAN (also known as multi domain) SSL/TLS certificate. A UCC lists a Fully Qualified Domain Name (FQDN) as a common name on the certificate. Each additional domain is listed as a SAN. This is different from a typical SAN certificate, where every single domain is listed […]
Can an individual acquire an SSL/TLS certificate?

An individual not associated with an organization nor a sole trader can have an SSL certificate issued to their domain/s. For instance, an individual’s blog will most often not be connected to an organization, thus requiring a non-organizational SSL certificate. It is important to understand which type of SSL certificates qualify as such. SSL certificate […]
SHA-1 Root Certificate – PCI Scanner Error

All major web browsers ceased acceptance of SHA-1 in 2017. Why then might you be receiving a warning from your server that a Certificate is in SHA-1? What is a PCI scanner? In order to reduce credit card fraud, the major credit card companies released a universal set of regulations — the Payment Card Industry […]
Private key – what is it and what does it do?

What is a Private Key? A private key is a piece of code created alongside your Certificate Signing Request (CSR). These are generated on your server or other generation tool. After that, CSR is then used to create your SSL Certificate, otherwise known as the public key. These keys work together to encrypt and decrypt […]