It has been almost a year since Symantec’s hitherto unscathed reputation in the certificate business was shaken because of inconsistencies in the vetting process of some Symantec RAs and the subsequent gloomy forecast by Google’s Chromium team. Every day, you may find articles in the international press that contain sentences such as, “Google plans to stop trusting current Symantec certificates.” However, such headlines seem to come out of thin air, as they are all about certificates issued before June 1, 2016. These also retain the usual compatibility after a free certificate replacement (re-issue), even after April 2018. Continue reading
Effective April 1st, 2015, the CA/B Forum is reducing the maximum validity of OV (Organization-Validated) and DV (Domain-Validated) SSL Certificates to 36 months in order to increase SSL/TLS security. Under these guidelines, no CA or their partners should offer OV/DV SSL Certificates with a term of validity greater than 3 years. As of March 9th, 2015, Symantec will only sell OV and DV SSL Certificates with a maximum validity of 3 years. This restriction applies to new certificate issuance as well as renewals. Beginning April 1st, 2015, if you need to reissue your SSL Certificate, the maximum validity allowed will be 36 months.
Many businesses rely on the Microsoft Exchange Server for their internal and external messaging. The Exchange Server is usually designated as “server“ or ”server.local“ within the internal network.
By now you may already know about the Turkish Certification Authority TÜRKTRUST, which has mistakenly issued two Intermediate Certificates for two companies in Turkey.