Commercial SSL certificates are often described in quite simple terms, for the sake of clarity. This is so the basic idea behind them can be understood by everyone, not just those with a web tech background. But when a web browser connects to a website with an SSL certificate, there’s actually a lot going on behind the scenes in order to establish a secure HTTPS connection. Today we’re going to focus on an integral part of that connection: Cipher Suites.
Let’s answer this question right off the bat: it’s unlikely. Though not impossible, the chances of an SSL certificate itself being hacked is incredibly slim. However, just because you have an SSL installed, that doesn’t mean your website isn’t vulnerable in other areas. Misunderstandings about an SSL being “hacked” tend to come from confusion about what an SSL actually does for a website. Let’s clear up some of that confusion, shall we?
We’ve talked before on this blog about how installing an SSL on your site is a necessity, no matter what kind of site you have. Far beyond just being a requirement of Google Chrome and most major browsers these days, SSL brings an added layer of protection to anyone visiting your website. If your website visitors are also customers or potential customers, then having SSL protection is a no-brainer.
On May 30, 2020, Sectigo’s AddTrust External SHA-1 CA Root will expire. What does this mean and do you need to worry about it? In all likelihood, if you are using a device with up-to-date software, you don't have to worry. However, if you use the specific, aforementioned root, you will need to update applications or installations dependent on it by May 2020 or you may be at risk of outages or having error messages displayed.
It’s a pain to go through the process of installing an SSL certificate only to find that your site has “insecure content” and now won’t load on certain web browsers. When you try to access it, browsers may give you a message along the lines of “this page contains both secure and non-secure data”. Perhaps understandably, people tend to automatically go blame the SSL certificate itself for causing the problem. After all, wasn’t the SSL supposed to make their site more secure than ever? However, the issue of insecure content points to a problem with a website’s coding rather than an SSL.
The coronavirus pandemic has had an unprecedented impact on modern society. Around the world, many people are sick. Some have died. To slow down the spread of the virus and “flatten the curve”, numerous cities and countries have put in place social distancing measures, if not a complete lockdown.
When you purchase an SSL certificate from a trusted Certificate Authority you have the option of putting a secure site seal on any page of your site. A site seal is essentially a small graphic logo that features the name of the Certificate Authority you bought your SSL from. It will indicate in some manner that your website has been validated and secured.