Question: What are EV Certificates? Answer: Extended Validation (EV) Certificates are SSL Certificates that have been issued after a rigorous validation process. The cryptographic strength and security of an EV certificate is no different than that of a DV (Domain Validated) or OV (Organization … [Read more...] about EV Certificates – Extended Validation Certificates
Question: What is a code signing certificate? Answer: A code signing cert is an X509 certificate specifically used to sign code or software. Unlike an SSL Certificate used to protect data transmitted to and from a server which also identifies a server, and also unlike a user certificate that may … [Read more...] about Code Signing Certificate
SSL Certificate expiration will occur after the not_after date on the certificate is passed. Now that most of the web is encrypted and depends on SSL certificates, one single expired SSL certificate can cause outages that affect millions of people at once. Or, it may only affect a few people, but … [Read more...] about SSL Certificate Expiration and SSL Certificate Renewal
What are SSL certificates? An SSL certificate is a file containing data about an organization or some entity along with a cryptographically secure public key. The SSL certificate is the centerpiece for providing secure transactions between a client a server by containing the public key for … [Read more...] about What are SSL certificates?
To view and parse a certificate with openssl, run the following command with the openssl x509 utility: openssl x509 -in example.com.crt -text -noout Where x509 is a certificate utility, -in example.com.crt is the certificate to view, -text means to print the full details of the certificate in … [Read more...] about openssl view certificate
What is Certificate Transparency? Certificate Transparency (CT) is an initiative and project in the Web PKI arena whose goal is to improve the robustness of the Web PKI, provide visibility into SSL/TLS certificate issuance to domain owners, business owners, CAs (Certificate Authority), and … [Read more...] about Certificate Transparency
A Certificate Signing Request (CSR) is the request file to be sent to a Certification Authority (CA) when requesting an SSL certificate. The CSR is created along with the public/private key pair and contains the public key. Examples are provided below on how to generate a CSR, and take note that the … [Read more...] about What is a Certificate Signing Request (CSR)?
On February 28, 2019 a CA Compliance bug was filed in the Mozilla NSS product that detailed a flaw where DarkMatter had mis-issued certificates having only 63 bits of entropy, instead of the required 64-bit serial number entropy. See https://wiki.mozilla.org/CA/Incident_Dashboard for incidents … [Read more...] about 64-bit Serial Number Entropy Recap – SSL/TLS Certificates