Disabling TLS 1.0 support

As part of continuous improvement to our systems, we are disabling support for TLS 1.0 in our systems. Only TLS 1.1 and 1.2 will be supported going forward. This is in accordance with Industry practice for improved security. If you are a user of CertCenter Extranet, please make sure that your browser supports TLS 1.1/1.2. If you use our APIs, please make sure that your systems access the API over TLS 1.2 (at least TLS 1.1).

We anticipate this update will be made on the following dates:

  • Production – 1st August 2016, 8am Pacific Standard Time (PST)

New Apache modules allows web hosts to use file-based SSL certificate validation w/o using files

This post will give our reader a brief overview in our work in the Hosting & CDN environment. It will outline how SSL/TLS automation can be implemented secure, is cost-neutral, and compliant to small and medium hosts: Continue reading

Invitation to the WorldHostingDays 2016 in Rust, Germany

We are launching some awesome new products!

In celebration of these new products, we would like to invite you to the WorldHostingDays 2016. This event takes place at the cozy Europa-Park in Rust, Germany, March 15th-17th 2016, with more than 6,000 participants and160 exhibitors from all over the world.

Continue reading

How Does Accessing the CertCenter RESTful API Work?

The CertCenter RESTful API was developed to grant easier access to CertCenter resources. It’s simpler than the CertCenter XML/SOAP API, and also grants third party developers access to CertCenter resources. To do this, we exclusively use authentication via OAuth2 in our CertCenter RESTful API. This may sound complicated; but here’s how it works: Continue reading

Qualys SSL Labs Server Ranking is Now Integrated Into the CertCenter (+API)

After the expansion of our IT infrastructure and the recent layout enhancements of the CertCenter Certificate Manager in Q2+Q3, we plan to integrate new cutting edge features into our system. These new features will improve both your recurring administrative tasks as well as your infrastructure security.

ssllabs-integration-en

Qualys SSL Labs Integration

As announced on Twitter a few days ago, we’ve integrated the popular Qualys SSL Labs Ranking into CertCenter. With just a few clicks you can display the corresponding servers most recent ranking in the list of your SSL/TLS Certificates. This way you can see if any action is required.

Manual (re-)checking of all of your servers on ssllabs.com is now obsolete. Administrators can save time and increase the security of their IT infrastructure with a simple glance at the CertCenter Dashboard.

CertCenter customer and partners can obtain the ssllabs related reports either through the web-based CertCenter Manager, through the CertCenter XML/SOAP API, or CertCenter RESTful API.

The Ranking can be displayed by clicking the icon symbol in the overview of your certificates.

Symantec Further Improved OCSP Performance

OCSP (Online Certificate Status Protocol) is a new way to validate the revocation status of X.509 digital certificates. OCSP has superseded the previous protocol CRL (Certificate Revocation List) and improves upon some of its shortcomings.

A major limitation of CRL checking is that updates must be frequently downloaded in order to maintain a current list of valid X.509 certificates from the client. This in turn can put a burden on the client’s network and calling resources. OCSP responses contain less information than CRL checking, which in turn decreases the burden on the client network.

Symantec further improved OCSP performance by building a highly efficient and responsive OCSP infrastructure to ensure X.509 validity can be checked quickly and with minimal effort from the client. The result is that Symantec is the fastest in the industry in determining X.509 digital certificate status.

OCSP checking

This is another example where Symantec is consistently working to improve the user experience while managing X.509 certificates within the demands of the modern Internet.

 

CertCenter Demonstrates How SSL Certificates Can be Issued up to 288 Times Faster

Download Case Study

Download Case Study

For a website, trust means business. Symantec SSL Certificates and the Norton Secured Seal displayed with them form the most trusted mark on the Internet. One reason this is true is that to use these assets, an organization must have its identity carefully validated. Now, customers can take advantage of a new feature called Symantec Ready Issuance and get new or renewed Symantec SSL Certificates as much as 288 times faster. CertCenter, a Symantec Website Security Partner, shows how the new feature works.

Why Wait?

Getting Symantec SSL certificates is now faster and easier.

“Customers who ordered or renewed an Organization-Validated SSL certificate used to have to wait at least a day to get it”, says Carsten Müller, CEO at CertCenter, a leading Symantec Website Security Partner. “Now, using Symantec Ready Issuance, customers can get their certificate in 10 minutes – about 288 times faster than before”.

Read the full story (PDF) ..

(German version available ..)