SSL

Two factor options

Simon Cooper
11 September 2014 at 8:03pm
Token
sms
TOTP
user authentication
SSL
In some online services specific functions to be carried out present good use cases for adding increased assurance to the authentication of the user logging in to perform such a task, for example to sign domains with DNSSEC or for the approval of Extended Validation SSL certificate requests.
Read more

OU Field Update

Andrew Simpson
11 August 2020 at 9:39am
SSL
Certificate Service
Organization Unit
Please see further update from QuoVadis on the OU field Issue: Retiring the OU field for public TLS/SSL  QuoVadis will turn off the Organizational Unit (OU) field for all new public TLS/SSL certificates starting on August 31, 2020 at 00:59. This will affect new, reissued, and renewed certificates. Existing certificates with OUs are not affected (and do not require revocation or replacement). 
Read more

FAQ for change to domain validation process

Andrew Simpson
21 September 2018 at 10:46am
jcs
SSL
certificates
domain validation
WE ENCOURAGE CUSTOMERS TO VALIDATE DOMAINS IN ADVANCE TO AVOID POSSIBLE LENGTHY DELAYS IN PROCESSING CERTIFICATE REQUESTS Q1) What is the change? From 1 August, new industry regulation states that Certificate Authorities (CAs) must no longer rely on checking a public WHOIS record to validate domain ownership. Instead, customers requesting a certificate must demonstrate a ‘positive interaction’ to show they have control over/ownership of the domain to be used in a certificate.
Read more

S/MIME Certificates For Digitally Signing Emails

Simon Cooper
13 February 2018 at 2:34pm
S/MIME
SSL
jcs
certificates
email
We're pleased to announce that from today the service can provide end user certificates, which are used for digitally signing and encrypting emails. These are called S/MIME (Secure/Multipurpose Internet Mail Extensions) certificates. S/MIME are installed on email clients which then enable the end user to send digitally signed emails, giving recipients assurances that the email originated from the sender's account. By signing emails, recipients can also have confidence that the contents of the email has been been altered in transit.
Read more
22 December 2014 at 12:07pm

Protecting Users and Systems in 2015

Andrew Cormack
security
Privacy
SSL
TLS
web filtering
The steady growth in the use of encrypted communications seems likely to increase next year given recent announcements on both web browsers and servers. That's good news for security people worried that their users may be sending sensitive information such as passwords and credit card numbers over the Internet.
Read more

SHA-1 and Google Chrome

Simon Cooper
20 November 2014 at 4:56pm
SSL
certificate
SHA-1
jcs
SHA-1 and Google Chrome: 20 November 2014 On 18 November Google released Chrome 39 which will now result in users visiting web services secured with SHA-1 certificates that expire in 2017 being shown a grey padlock with a yellow warning triangle, instead of the usual recognisable green padlock.
Read more

SHA-256 service announcement

Simon Cooper
30 March 2015 at 1:32pm
SHA-1
SSL
jcs
Certificate Service
Availability of SHA-256 certificates: 14 October 2014We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.
Read more

Service Announcements

Simon Cooper
14 October 2014 at 12:13pm
SSL
https
certificates
x509
Availability of SHA-256 certificates: 14 October 2014We’re pleased to announce an agreement has been reached between TERENA and Comodo which will enable customers to obtain SHA-256 certificates. This is available with immediate effect and all certificates obtained from the service will be by default SHA-256.
Read more

How to claim back your certificate credit if you have been affected by the OpenSSL heartbleed bug

Simon Cooper
17 April 2014 at 4:39pm
SSL
jcs
OpenSSL Heartbleed
certificate
If you have been affected by the OpenSSL bug, dubbed ‘heartbleed’ and need to replace SSL certificates as a result of this vulnerability, we are happy to replace the certificate credit used to obtain the replacement certificate. Registered authorised users should first obtain the new SSL certificate in the usual way from their Janet Certificate Service account using the following link:  https://community.ja.net/apps/janet-certificate-service.  
Read more
Subscribe to SSL