Ask SSL Support Desk: I need a certificate that is FIPS 140-2 compliant. Are SSL Certificates FIPS 140-2 compliant?

What is Ask SSL Support Desk? It is a summary of random questions that have one to the attention of Acmetek’s most awesome technical support reps. Answered and shared for the SSL Support Desk’s SSL Library which is designed to teach and educate the community. Question: Are SSL Certificates FIPS 140-2 compliant?  Short Answer: Yes-ish.  But FIPS pertains more to the actual physical protection of digital certificate cryptographic modules. If a certificate authority such as Entrust, or Comodo did not follow the guidelines set by FIPS 140-2 compliance then they would be out of business. If you got a EV CodeSigning certificate you will definitely get a FIPS 140-2 compliant certificate. This is because the actual certificate is installed on […]

Read More

CA|B Forum Passes Ballot 193 – Deprecation of 3 Year SSL Certificates

The CAB Forum (CA Forum) is the governing body that moves the security of the internet with SSL Certificates. The CA/Browser Forum began in 2005 as part of an effort among certification authorities and browser software vendors to provide greater assurance to Internet users about the web sites they visit by leveraging the capabilities of SSL/TLS certificates. The Ballots they pass together are geared to propelling the internet into a more safer environment. What was passed in Ballot 193? Maximum SSL validity period will be restricted to 2 year (825 days / 27 months) effective March 1, 2018. Authentication domain and organization vetting will only be valid for 27 months effective April 22, 2017 What does this mean? Eventually there […]

Read More