Google Makes Certificate Transparency Mandatory On Chrome.

Last year Google once again flexed its muscles by announcing the requirement for Certificate Transparency for all new SSL/TLS certificates in October 2017. This has since been pushed back until April 2018. This requirement means that Chrome will no longer trust new SSL/TLS certificates that are not qualified for Certificate Transparency (CT). CT is a method to publish all certificates in one or more publicly available CT logs, which meet the qualification requirements established by Google. CT logs can be audited to ensure they are honest. Domain owners and people all over the world can use the CT logs to monitor their domains and discover SSL/TLS certificates for more detailed information on CT visit our article What is CT? Certificate Transparency Benefits? […]

Read More

Amazon Web Services (AWS) – CSR Generation SSL Installation using Digicert Certificate Utility

Some admins may enjoy the SSL Certificate that the Amazon Web Services (AWS) initially provides, but an admin may want to get or set up their own SSL Certificate from an outside CA. To do this they will have to generate a Certificate Signing Request (CSR). A CSR is a small encrypted piece of text which contains information about a certificate applicant and the domain name to secure. Once you activate the certificate with the help of CSR, the information passes to the Certificate Authority which validates the certificate based on the information from the CSR. The RSA private key is generated along with the CSR and plays an important role in encrypting the information. It should be stored safely […]

Read More

Troubleshooting: SSL Certificate Browser Errors

Troubleshooting SSL Certificate Web Browser Errors can vary depending on its cause. The following warnings are presented by web browsers when you access a site that has a security certificate installed (for SSL/TLS data encryption) that cannot be verified by the browser. Typically this is from a self signed certificate created by a server system for default encryption. Examples Microsoft Edge: “This site is not secure. This might mean that someone’s trying to fool you or steal any info you send to the server. You should close this site immediately.”   Internet Explorer: “The security certificate presented by this website was not issued by a trusted certificate authority.” Firefox: “The owner of selfsigned.websecurity.symantec.com has configured their website improperly. To protect […]

Read More

Digicert Certificate Utility – SSL Certificate (Guide)

The Digicert Certificate Utility is probably one of the best certificate encryption tool out on the net. A lot of people become scared with key-pair encryption but key-pairs/certificates are actually fundamental easy to figure out. You have a secret private key that rests on a system or application, and that system/application gives to another system/application the public key. From there they scrabble and authentication communication. That’s about it. The struggles with Encryption, and  SSL certificates is associated with the systems/applications that use them. Different applications from different venders tend to want things their own way, in certain formats, extensions, files, etc.. Key features of the  Digicert Certificate Utility that can help with the SSL Management  are.. SSL Certificate: Install certificates […]

Read More

Digicert Certificate Utility – SSL Export Instructions. (pfx or pem format)

Depending on the circumstance you may need to export your SSL Certificate to wherever else it is needed. The Digicert Certificate Utility allows you to export an SSL Certificate with its private key that has been generated from it from the following formats pfx or pem. This comes in handly with large typologies where not all server systems, firewalls, applications, etc.. handle Certificate keypair encryption the same way. So in a situation where you need to have you SSL Certificate Installed on both a Windows or an Apache system you can export the certificate off the Utility in either compatible format. Below are instructions on how to export your SSL Certificate Installed in the Digicert Certificate Utility in either pfx […]

Read More

Digicert Certificate Utility – CSR Generation & SSL Installation

The Digicert Certificate Utility is probably one of the best certificate encryption tool out on the net. A lot of people become scared with key-pair encryption but key-pairs/certificates are actually fundamental easy to figure out. You have a secret private key that rests on a system or application, and that system/application gives to another system/application the public key. From there they scrabble and authentication communication. That’s about it. The struggles with Encryption, and SSL certificates is associated with the systems/applications that use them. Different applications from different venders tend to want things their own way, in certain formats, extensions, files, etc.. Key features of the Digicert Certificate Utility that can help with the SSL Management  are.. SSL Certificate: Install certificates […]

Read More

CSR Generation – Digicert Certificate Utility – Code Signing

The Digicert Certificate Utility is probably one of the best certificate management tool out on the net. A lot of people become scared with key-pair encryption but key-pairs/certificates are actually fundamental easy to figure out. Unlike SSL certificates, code signing certificates perform the function of signing. Code signing certificates creates a tamper proof digital shrink wrap of your application software files and denotes to those who download or install the application who created/published it. Although Some Certificate Authorities my separate their Code Signing Products and have different ways to Enroll and Install. The Digicert Certificate Utility is cross platform meaning your can signing the following files with the same certificate. .exe, .cab, .dll, .ocx, .msi, .xpi, .xap, windows kernel-mode. Java. […]

Read More

How To Import Email (S/MIME) Certificate – Mozilla Thunderbird?

Before following these instructions, please make sure that you have a copy of your Client (S/MIME) Email Certificate in a PFX/P12 (PKCS#12) format. Typically this file will have a .p12 or .pfx extension consisting of both your public and private keys. When exporting your Client/Email Certificate from wherever it resides there may be a option to export the private key. This option will give you your pfx file. Some applications by default will automatically include the private key  thus giving you a pfx file. Note: These instructions are based on a Windows Operating System. Locations of the options presented below may vary in other operating systems. Step 1: Importing your Email Certificate into Thunderbird: Open Thunderbird. Click on the menu […]

Read More

WAMP Server (Wampserver) – SSL Installation

WAMP Server (Wampserver) is built off apache, a very custom environment and your system may differ. Below are generalized instructions. If you have a custom installation, you will need to adjust these instructions appropriately. Like the majority of server systems you will install your SSL certificate on the same server where your Certificate Signing Request (CSR) was created. Your private key will always be left on the server system where the CSR was originally created. Your SSL certificate will not work without this private key file. We will assume that this is the original system. Note: Locations may vary in different installations of Wampserver. Since Wampserver is built off Apache the instructions below are generalized. Apache is a very customizable […]

Read More

What Certificate Authorities Do & How Their SSL Certificate Security is Enforced.

  There has been a lot of misleading information flying around within the security industry and various tech blogs regarding Certificate Authorities (CA), Security, and the function of SSL Certificates. Lots of finger pointing with no foundation of knowledge on who does what. The confusion is how encryption keypairs work, controlled, and managed, vs what Certificate Authorities (CA) actually do when they issue their different certificate products, and how browsers enforce the security behind SSL Certificates. Security is not all in the hands of the Certificate Authorities (CA). It all started with a CA named VeriSign. What/Who Are The Certificate Authorities? VeriSign headquartered in Virginia became one of the world’s first and biggest CA, providing third party authentication of public […]

Read More