Google Makes Certificate Transparency Mandatory On Chrome.

Last year Google once again flexed its muscles by announcing the requirement for Certificate Transparency for all new SSL/TLS certificates in October 2017. This has since been pushed back until April 2018. This requirement means that Chrome will no longer trust new SSL/TLS certificates that are not qualified for Certificate Transparency (CT). CT is a method to publish all certificates in one or more publicly available CT logs, which meet the qualification requirements established by Google. CT logs can be audited to ensure they are honest. Domain owners and people all over the world can use the CT logs to monitor their domains and discover SSL/TLS certificates for more detailed information on CT visit our article What is CT? Certificate Transparency Benefits? […]

Read More

What is Certificate Transparency?

Google’s Certificate Transparency is an open source project that aims to strengthen the SSL/TLS certificate system, which is the main cryptographic security system that underlies all HTTPS secure connections. It is a extra tier of certificate security that forms a Security Triad to ensure that clients navigating the internet are safe and secure in regards to web security. What Is Certificate Transparency (CT)? As the name implies, CT allows people on the internet to look at all certificates that have been issued by a Certificate Authority (CA). This is achieved using centralized logging to a collection of servers. These log servers talk to one another, to ensure consistency and reveal any unusual activity. Anyone can query the log servers to find out […]

Read More

Troubleshooting: Unsecured or Mixed Content – “Your connection to this site is not fully secure”

Mixed Content warnings happen with all certificates now regardless of certificate type.  The most drastic loss in functionality though is EV certificates. Even though an Extended Validation (EV) SSL certificate may have been installed in https (The channel of the website that performs encryption) on a website some browsers may require that the entire site, all resources, images, and links be secured within in https as well. Failure to do this may turn off the EV green URL bar. Which is a desired feature when purchasing a EV SSL certificate.  If the certificate is not an EV SSL certificate, just a Domain Validated (DV) or Organization Validated (OV) SSL certificate  then typically there may be a padlock missing near the URL bar even though […]

Read More