The maximum life-time of Entrust public certificates will be reduced to 398 days because Apple will change the policy in the Safari browser

Apple informed in the CA/Browser Forum meeting held in Bratislava on week 8 that starting from 1.9.2020 the Safari browser will accept only new SSL certificates which are valid at most for 398 days. There will be a warning if the life-time exceeds this value. Certificates created before 1.9.2020 may have also longer life-times (e.g. 2 years). As a result also Entrust Datacard has announced that in the future the maximum life-time of Entrust certificates will be reduced to 398 days. We will inform our customers when this change is official.

Continue reading “The maximum life-time of Entrust public certificates will be reduced to 398 days because Apple will change the policy in the Safari browser”

Who’s afraid of The big bad site – no one soon!

Bad site is not just a bad dream, but reality

Back in 2016 I wrote an article under the the title Who’s afraid of the big bad site (unfortunately it is in Finnish). You can find that article here . The point in the article was that browsers are doing a great job trying to prevent users from ending up on a phishing site. This is a good thing, but nowadays the browsers categorises all sites running HTTPS Secure, not matter what the content or who is running the site. Unfortunately this has gone even more difficult for a common internet surfer now that Google..

Continue reading “Who’s afraid of The big bad site – no one soon!”

New methods for domain verification

In verification for SSL certificates there are two parts: 1) verifying the organization and 2) making sure that the organization has control over the target domain. Previously the latter was typically confirmed by looking at the WHOIS information. If the organization owned the target domain, that was sufficient. This method was declined by CA Browser Forum in spring 2018. At the same time, GDPR compliance caused some issues with the use of Method 2 where the email address found in the WHOIS record for the domain name was no longer provided. This meant that we could no longer use this information to contact the domain name registrant to confirm authorization to issue a certificate with the requested domain name.

Continue reading “New methods for domain verification”

What means verification?

I am a one of Wesentra’s three verification specialists and I have been trained and certified by Entrust Datacard. Our job is to find all needed information, verify their organizations’ legal existence, contact customers and check their intention for getting an SSL/TLS certificate as well as help them with the verification process. We prepare the needed verification documents and an auditor from Entrust Datacard checks the documents and either accepts the verification or asks for more information. Entrust Datacard has authorized four partners globally to do this verification work, Wesentra is the only one in Europe.

Continue reading “What means verification?”

Video streams from our seminar on Feb-6 and highlights from session “SSL/TLS certificates – what lies ahead?”

Our seminar ”Electronic signing, PKI Management and SSL certificates” on Feb-6 2019 was attended by over 40 professionals with lots of experience about cyber security. The seminar was streamed on-line to the net and it is still available as recordings. This article provides the links to the recordings and the material as well as highlights from the third session.

Continue reading “Video streams from our seminar on Feb-6 and highlights from session “SSL/TLS certificates – what lies ahead?””

Video streams from our seminar on Feb-6 and highlights from session ”PKI Management and Managed PKI”

Our seminar ”Electronic signing, PKI Management and SSL certificates” on Feb-6 2019 was attended by over 40 professionals with lots of experience about cyber security. The seminar was streamed on-line to the net and it is still available as recordings. This article provides the links to the recordings and the material as well as highlights from the second session.

Continue reading “Video streams from our seminar on Feb-6 and highlights from session ”PKI Management and Managed PKI””

Video streams from our seminar on Feb-6 and highlights from session ”Electronic signing, digital signing, eIDAS, PadES”

Our seminar ”Electronic signing, PKI Management and SSL certificates” on Feb-6 2019 was attended by over 40 professionals with lots of experience about cyber security. The seminar was streamed on-line to the net and it is still available as recordings. This article provides the links to the recordings and the material as well as highlights from the first session.

Continue reading “Video streams from our seminar on Feb-6 and highlights from session ”Electronic signing, digital signing, eIDAS, PadES””

Wesentra was named the SSL Partner of the Year EMEA

With our CTO Harri Tuuva we attended the Entrust Datacard’s Global Partner Conference in London last June. During the conference we heard market updates on current situation in SSL-world and also,  information on other solutions provided by Entrust Datacard. As a part of the conference, Entrust Datacard rewarded their strategic partners and Wesentra was named the SSL partner of the Year EMEA.

Continue reading “Wesentra was named the SSL Partner of the Year EMEA”