We have just updated our AlwaysOnSSL API. The API now supports the synchronous ordering of TLS certificates with up to 2048-bit RSA, 4096-bit RSA and ECC (previously only 2048-bit RSA).
Despite numerous changes on the part of the Certification Authority, as a customer of CertCenter AG you do not have to make any adjustments to your existing connection to the CertCenter API. Your existing mod_fauth integration will also remain compatible.
For the generation of certificates with larger RSA keys or ECC only a CSR generated accordingly is necessary (with 4096-bit RSA or ECC key). The CertCenter API then intelligently interprets the rest and does the work for you in the background.
Initiative to Help Thousands of Websites Stay Operational as Google Distrusts Certain SSL Certificates with next Release
CertCenter, an independent certificate management company, and Comodo CA, a worldwide leader in digital identity solutions, have joined forces to help customers keep their websites operational in the wake of Google’s plan to distrust certain TLS/SSL certificates, starting with the release of Chrome 66. Continue reading
To meet our growing customer demands to provide solutions from a variety of trusted Certification Authorities(CA), we welcome one of the world’s largest TLS/SSL certificate providers, Comodo CA , as a new participant in our CA Partner Program and a strategic partner of CertCenter AG. Continue reading
As part of continuous improvement to our systems, we are disabling support for TLS 1.0 in our systems. Only TLS 1.1 and 1.2 will be supported going forward. This is in accordance with Industry practice for improved security. If you are a user of CertCenter Extranet, please make sure that your browser supports TLS 1.1/1.2. If you use our APIs, please make sure that your systems access the API over TLS 1.2 (at least TLS 1.1).
We anticipate this update will be made on the following dates:
- Production – 1st August 2016, 8am Pacific Standard Time (PST)
This post will give our reader a brief overview in our work in the Hosting & CDN environment. It will outline how SSL/TLS automation can be implemented secure, is cost-neutral, and compliant to small and medium hosts: Continue reading
The CertCenter RESTful API was developed to grant easier access to CertCenter resources. It’s simpler than the CertCenter XML/SOAP API, and also grants third party developers access to CertCenter resources. To do this, we exclusively use authentication via OAuth2 in our CertCenter RESTful API. This may sound complicated; but here’s how it works: Continue reading
After the expansion of our IT infrastructure and the recent layout enhancements of the CertCenter Certificate Manager in Q2+Q3, we plan to integrate new cutting edge features into our system. These new features will improve both your recurring administrative tasks as well as your infrastructure security.
Qualys SSL Labs Integration
As announced on Twitter a few days ago, we’ve integrated the popular Qualys SSL Labs Ranking into CertCenter. With just a few clicks you can display the corresponding servers most recent ranking in the list of your SSL/TLS Certificates. This way you can see if any action is required.
Manual (re-)checking of all of your servers on ssllabs.com is now obsolete. Administrators can save time and increase the security of their IT infrastructure with a simple glance at the CertCenter Dashboard.
CertCenter customer and partners can obtain the ssllabs related reports either through the web-based CertCenter Manager, through the CertCenter XML/SOAP API, or CertCenter RESTful API.
The Ranking can be displayed by clicking the symbol in the overview of your certificates.
Effective April 1st, 2015, the CA/B Forum is reducing the maximum validity of OV (Organization-Validated) and DV (Domain-Validated) SSL Certificates to 36 months in order to increase SSL/TLS security. Under these guidelines, no CA or their partners should offer OV/DV SSL Certificates with a term of validity greater than 3 years. As of March 9th, 2015, Symantec will only sell OV and DV SSL Certificates with a maximum validity of 3 years. This restriction applies to new certificate issuance as well as renewals. Beginning April 1st, 2015, if you need to reissue your SSL Certificate, the maximum validity allowed will be 36 months.