What Is a TLS/SSL Port? A TLS/SSL port is a portion of the network used for the creation of secure connections on the Internet using the Transport Layer Security or Secure Socket Layer. Such protocols are used for encryption and authentication so that data being exchanged between a client, like…
The Common Name (CN) in an SSL/TLS certificate is a field that identifies the main domain name that this certificate belongs to. It is used mainly as the primary means for verifying the identity of the domain while conducting safe communication over the World Wide Web. Originally, the CN field…
Google Chrome announced that it would distrust new TLS/SSL certificates from two certificate authorities (CAs): Chunghwa Telecom and Netlock, effective August 1, 2025, with the release of Chrome version 139. Apart from releasing new TLS/SSL standards, the Chrome announcement represents another significant step in Google’s campaign to demand accountability for…
What is Wildcard SSL? A Wildcard SSL certificate is a special type of SSL certificate designed to secure a single domain and all of its subdomains. Unlike regular SSL certificates that only secure one domain, a Wildcard SSL certificate uses a wildcard character (an asterisk, *) in the domain name…
In response to evolving browser policies and heightened security requirements, Sectigo and DigiCert both announced they will remove the Client Authentication Extended Key Usage (EKU) from public SSL/TLS certificates. It is part of a broader initiative to support Google Chrome’s Root Program and CA/Browser Forum best practices. It directs public…
If you run a website, especially one secured with a Free SSL Certificate, chances you are using Let’s Encrypt. They’re the game changers who made SSL certificates free and easy for everyone. However, as of June 4, 2025, a small change is coming that might catch some people off guard…
What Is SSL Inspection? SSL inspection is the term commonly used to refer to SSL/TLS decryption or SSL visibility, whereby encrypted SSL/TLS traffic is intercepted by a security appliance or software to be decrypted for further scrutiny. It allows organizations to inspect, filter, and intercept the encrypted traffic passing through…
A critical vulnerability in the SSL.com domain validation process allowed unauthorized parties to get the certificates on behalf of you or your organisation. SSL.com is one of the famous Certificate Authorities (CA) trusted by all major browsers. This Vulnerability is reported by security researchers; in their demonstration, they showed how…
The Shrinking Lifespan of TLS Certificates Remember when SSL certificates used to last three whole years? Then came the drop to one year. Painful, right? Well… brace yourself. By 2029, your SSL/TLS certificates will only last 47 days. Yes, just 47 days, and no, this isn’t a drill, and now…
What is Wildcard SSL? A Wildcard SSL certificate is a unique SSL certificate that protects a single domain and all its subdomains. In contrast to standard SSL certificates that secure only one domain, a Wildcard SSL certificate employs a wildcard character—an asterisk, *—in the domain name, enabling encryption for countless…
Because of critical weaknesses in the WHOIS system, the CA/Browser Forum has required that WHOIS-based Domain Control Validation (DCV) methods be retired. This change applies to all CAs, and there was a broader effort to improve the security and reliability of publicly trusted SSL/TLS certificates. To be compliant, all big…
DigiCert confidently continues to improve validations for digital certificates. At this time, it keeps up with new ideas and the new rules set by the industry for this much-needed release. Its latest development is an open-source library on Domain Control Validation. This makes it easier, more automated, and more dependable…
In a recent industry shift, Apple finally dropped draft proposal details for shortening the maximum public SSL/TLS certificates to 45 days by 2027. The announcement, made on October 9, 2024, as part of the CA/Browser Forum’s Face-to-Face meeting, received a positive boost from Sectigo, a significant player in the digital…
Certificate authority (CA) DigiCert has stated that they will invalidate many SSL/TLS certificates due to a critical domain validation flaw. This flaw, which affects over 83,000 certificates, is a serious issue as it undermines the process of verifying the rightful holders of domain names, a crucial aspect of SSL/TLS certificates.…
Google has recently shared that its Chrome web browser will now block web destinations relying on certificates from Entrust starting from approximately November 1, 2024. This action has been taken following several years of Entrust non-compliance and security challenges that the company has not been able to handle well. As…
Loading...
