A group of self-selected researchers used CT logs to seek out syntactical errors among EV SSL certificates recently. Examples of syntactic errors include a misspelled city/state, registration of jurisdiction including the applicant’s city/state or the inclusion of a value in a field that should be left blank. Unfortunately, when such syntactic errors are found, CA/Browser […]
SSL
SSL & TLS – what’s the difference?
Here at Trustico, we are often asked by our customers if we offer TLS certificates, as our website only advertises ‘SSL certificates’. This is a completely reasonable question for those not well-versed in cryptographic protocols. After all, if your web host asks you for a TLS certificate and you see search results mostly for SSL […]
Private key – what is it and what does it do?
What is a Private Key? A private key is a piece of code created alongside your Certificate Signing Request (CSR). These are generated on your server or other generation tool. After that, CSR is then used to create your SSL Certificate, otherwise known as the public key. These keys work together to encrypt and decrypt […]
Why haven’t I received my validation email?
What is a validation email? A validation email, referred to by Trustico as an approver email, is a form of Domain Control Validation (DCV) which proves ownership of a domain when applying for an SSL certificate. Where is it sent? As per CA/B Forum rulings that dictate the SSL certificate industry, the approver email can […]
How to correctly generate a CSR for SSL
An SSL certificate can only be generated with a CSR. It contains all the information required for the certificate, such as the domain name and country code. CSR stands for Certificate Signing Request. What is a CSR? A CSR is a block of encrypted text you send to the Certificate Authority (CA) to generate an […]
CAA records – what are they and why use them?
Using CAA records will ensure your domain/s aren’t issued any SSL certificate/s you didn’t apply for — whether malicious or accidental. What is CAA? CA stands for Certification Authority — an entity that issues SSL Certificates. CAA stands for Certification Authority Authorization — a mechanism where you choose which Certificate Authorities can issue your domain […]
WHOIS and SSL/TLS certificate validation
Domain Control Validation (DCV) must be completed before an SSL/TLS certificate can be issued. This proves to the issuing Certificate Authority (CA) that the individual applying for the SSL/TLS certificate has control over the domain they are securing. An email to a WHOIS registered email address is a common way of doing so. Approver email […]
Why you should renew your SSL/TLS Certificate early
Recently, popular business and employment service LinkedIn allowed one of their SSL/TLS certificates to expire before renewing. This left users with a certificate error when navigating around LinkedIn posts. Causing much user confusion, it quickly became the object of Tweets and online articles. Though brief, the certificate downtime clearly caused negative publicity for LinkedIn, a […]
Will my SSL Certificate secure the www. subdomain?
It’s safe to say that www. is the most commonly secured subdomain on the World Wide Web. Many domain owners have their www. subdomain as an exact copy of the root domain due to the commonness of searching for a site by beginning with ‘www.’. Naturally, when securing a domain with SSL, one might wonder […]
Understanding SAN certificates
A SAN certificate is an SSL/TLS certificate which hosts multiple domains and subdomains on the single certificate. It is often called a Multi Domain certificate. They are used for a number of reasons; from server limitations to sheer convenience. What is a SAN? To better understand what a SAN SSL/TLS certificate is, we will need […]