This is a question we get frequently, so we thought we’d put together a page that explains why some testing sites are starting to flag SHA1 as “weak.” Various SSL Labs sites are available that will give you a rundown of what you’re doing right and what you could improve when you’re setting up TLS […]
Category: SSL Technical FAQ
How to Choose the Right Cipher Suites in Schannel.dll
Learn How to Use Only Certain Cryptographic Algorithms and Protocols in Schannel.dll Setting up your server correctly on Windows is important if you want to ensure you’re actually using the encryption algorithms to protect data that goes from the client (web browser) to the server and back again.
FAQ: If a certificate signing request was generated on server A (now defective) and i want to install the certificate on Server B (replacement), can this be done?
Moving certificates from one server to another is definitely possible. There are multiple criteria involved in determining how to move the certificate from one server to another. Please see the below articles to determine the proper way to move your certificate from one server to another:
INFO: IIS: Export Private Key Option is Grayed When Exporting a Server Certificate
In order to correct this problem, you will need access to the original certificate backup (.pfx) file. To ensure this problem does not happen in the future (should you want to export the private key again) make sure during the import process that you select the box “mark the private key as exportable.”
DV, OV and EV Certificates
Although all SSL certificates use similar methods to protect and validate your data, a useful way to categorize them is by validation method. Any certificate must be verified by the issuing Certificate Authority (or CA) to ensure that it is covering the correct, authorized site. This verification confirms at a minimum control of the domain. However, […]
How To: DER vs CRT vs CER vs PEM Certificates and How to Convert Them
Certificates and Encodings At its core an X.509 certificate is a digital document that has been encoded and/or digitally signed according to RFC 5280.
FAQ: Can I install more than 1 SSL certificate per IP address? Can I install multiple SSL certificates on a web server?
Until recently it has been impossible to install multiple SSL certificates for virtual hosts that are hosted on a single IP address. This has changed with a technology called Server Name Indication (SNI).
INFO: Important Notes on Generating a CSR
The Certificate Signing Request is a text file containing your organization’s information and server’s public key. The CSR is used to generate the certificate that will encrypt your information.
FAQ: How does the SSL process work?
The SSL process works as follows:
INFO: Browser Acceptance
SSL server certificates are trusted by over 99% of Internet users, The following browsers and versions are supported: