SSL Comparison of Top Certificate Authorities: RapidSSL, Comodo, Godaddy, and GlobalSign
An SSL Certificate is a form of digital certificate that uses cryptographic keys to secure communication on a website or web server. Certificate Authorities issue these SSL Certificates so that websites can be authenticated. As such, CAs are crucial in maintaining the security and transparency of the internet and ensuring that visitors don’t provide sensitive information to websites that are either not legit or susceptible to security threats.
ERR_SSL_PROTOCOL_ERROR in Google Chrome – Troubleshooting Guide
SSL protocol errors are a pain in the butt and Google Chrome’s ERR_SSL_PROTOCOL_ERROR is the absolute worst. For many internet users, this is their first experience with SSL/TLS and it’s not a good one. Fortunately, we know how to fix it for you. After all, SSL is kind of our thing.
Step-by-step instructions for importing and exporting Mavericks SSL certificates
Mac OS X Mavericks is the tenth generation of Apple’s Mac OS X (macOS) operating system. It was released in the Fall of 2013 and emphasized better battery life, improvements to its Finder and improved iCloud integration. A fun fact about OS X Mavericks, it is named after a famed surfing location in Northern California, representing the first OS named after a location in California as opposed to a type of cat, which had been used for all previous OS updates.
Everything you need to know for managing SSL certificate on MS Exchange Server 2016
Microsoft Exchange Server 2016 is one of the most widely-used and most popular server platforms in existence. So it only reasons that many people would like to know what SSL/TLS best practices are for MS Exchange 2016. That’s why we’re here.
View SSL certificate in Chrome, Firefox, Safari & Edge/IE
Sometimes it’s important to read the label. Like before you purchase food at the supermarket or after you’ve already downed half-a-dozen pills. On the internet, things are no different. Sometimes when you arrive at a website it’s good to read the label.
Google Chrome, the most popular browser on the planet, has just rolled out an update of version 68 and it’s one of the most crucial Chrome updates in recent times. The reason behind this is the decision of Google to mark all HTTP sites as ‘Not Secure.‘ Yes, you read it right. All websites serving content over HTTP will now be marked with a ‘Not Secure’ warning.
Here’s how you can use multiple SSL certificates on a single IP address, thanks to SNI
When you have multiple websites and want to run them on one IP address, you use name-based virtual hosting. Using a name-based host, you can quickly direct a user to the right site. However, this becomes a problem while using SSL/TLS certificates. That’s because SSL/TLS involves a handshake between client and server. HTTP header can only be sent after the handshake. As a result, the server doesn’t know which website it should serve. That’s why forces some people to purchase separate IP address
Steamline Process to Get Reissue or Replace Your Symantec SSL Certificate
As of October 31, 2017, DigiCert, Inc. has officially acquired Symantec’s Certificate Authority business. This move didn’t come as a surprise considering Google’s plans to distrust the SSL/TLS certificates of Symantec and its subsidiary CAs, namely GeoTrust, RapidSSL, and Thawte in Chrome, the most famous browser in the world.
This distrust has been divided into two parts by Google depending upon the issuance date. The first phase will begin with the launch of Chrome 66, expected to be released in March 2018. And the second part in October 2018, with the launch of Chrome 70.
To avoid this distrust and security warnings, existing customers of Symantec, GeoTrust, RapidSSL, and Thawte will need to reissue/replace their certificates from DigiCert’s infrastructure before the deadlines.
Here is the timeline of Google’s plans:
December 1, 2017: As of this date, Google has required that TLS certificates no longer be issued by Symantec roots, but must be issued by another CA. As of December 1, DigiCert will be issuing all certificates for Website Security customers. This date does not mandate any immediate certificate changes, but officially transfers validation and issuance of Symantec certificates to DigiCert systems. From this date forward, Symantec customers can begin to request free replacement certificates. These replacement certificates will be valid through the issuance to the end of the certificate validity period.
~March 15, 2018: Chrome beta will distrust certificates issued by Symantec before June 1, 2016. The public release of Chrome is expected on April 17, 2018.
~September 13, 2018: Chrome beta will distrust all certificates issued by Symantec. The public release of Chrome is expected in mid-October of 2018.
Now you must be wondering: “Do I need to reissue my SSL certificate? When do I need to renew my certificate?” Well, let us put in simple terms. Here’s all you need to know:
If your certificate was issued before June 1, 2016, you’d need to reissue/replace your certificate before March 15, 2018.
If your certificate was issued after June 1, 2016, and before December 1, 2017, you’ll need to reissue/replace your certificate before September 13, 2018.
And if your issuance date is after December 1, 2017, you don’t need to reissue your certificate.
Here’s a picture to make the picture clearer:
Now that you know when to reissue your certificate, you must have some questions regarding the renewal process. Let us answer them for you.
Do I need to pay any charges for reissuance?
No. The reissuance is entirely free.
I issued a certificate from GeoTrust/RapidSSL/Thawte. Am I eligible for the reissuance?
Yes, totally. In case you are not sure whether your certificate is eligible for reissuance or not? You could check your certificate through Symantec SSL/TLS Certificate reissue checker tool. Simply add your domain name and click “Check Now” button and see the result.
Do I need to undergo the vetting process if I have OV/EV certificate?
Yes, you’ll need to. As your “new” certificate will have to be issued from DigiCert’s infrastructure, they will need to verify your details.
How good is DigiCert?
Pretty good we’d say. DigiCert has established itself as the premium provider of high-assurance digital certificates. When it comes to the validation process, DigiCert comes second to none thanks to its super-efficient PKI infrastructure. Where it takes days for other CAs to issue certificates, DigiCert does this in minutes.
How to Reissue?
If you’re one of our existing customers, follow the steps given in this link to for a seamless reissuance experience.
If you’re not one of our customers, you either need to contact your vendor or do it directly by going to your CA portal. Here are the links:
Everything you need to know about SSL, encryption, and HTTPS
So, a while back I’m sitting at my desk and I get an email from this fellow on our Search Engine Optimization team. Sometimes the SEO team sends me suggestions on what to write. This particular piece of electronic mail suggested I work on “The Mega Guide on SSL Certificates for Best Encryption Knowledge.”