Category: Certificate Type

Removal of the Client Authentication EKU from TLS Server Certificates – What You Need to Know

Overview Beginning September 15, 2025, SSL.com’s TLS server certificates will be issued without including the Client Authentication extended key usage (EKU) extension. This change is

Supported Cloud HSMs for Document Signing and EV Code Signing

SSL.com supports AWS CloudHSM, Azure Dedicated HSM, and Google Cloud HSM for issuance of EV Code Signing and Document Signing certificates.

What is HTTPS?

Discover how HTTPS secures online communications through encryption, authentication, and integrity checks, ensuring a safe browsing experience.

Cybersecurity Essentials for Engineering Firms: Protecting Innovation and Data

Engineering firms face increasingly complex cybersecurity threats as supply chains become more interwoven and adversaries grow more sophisticated. Safeguarding sensitive data such as design schematics,

Key Generation and Attestation with Yubikey

How to generate a key pair and attestation certificate on your YubiKey FIPS to order EV code signing and document signing certificates.

An Introduction to Certification Authority Authorization (CAA)

SSL.com’s in-depth look at Certification Authority Authorization (CAA) and how it can help protect your website, your business – and your online reputation.

Created by the Internet Engineering Task Force (IETF) and described in RFC 6844, CAA lets the owner of a domain name authorize designated and specific Certification Authorities (CAs) to issue SSL certificates for their domain name.

Subordinate CAs and Why You Might Need One

Learn about Subordinate Certificate Authorities (Sub-CAs), their crucial role in PKI infrastructure, key benefits for organizations, and implementation best practices for secure certificate management.

Install an SSL Certificate on a Tomcat or Java-based Web Server

How to install an SSL Certificate on a Java-based Web Server.

Understanding CAA Check Failures and How to Resolve Them

Overview Certification Authority Authorization (CAA) records allow domain owners to specify which Certificate Authorities (CAs) can issue TLS certificates for their domains. CAA mandates that

How to Automate EV Code Signing With Signtool.exe or Certutil.exe Using eSigner CKA (Cloud Key Adapter)

eSigner CKA (Cloud Key Adapter) is a Windows based application that uses the CNG interface (KSP Key Service Provider) to allow tools such as certutil.exe

SSL.com to Deprecate Domain Contact-Based Email Domain Control Validation on December 2, 2024

Starting December 2, 2024, the WHOIS-based email domain control validation (DCV) method to obtain SSL/TLS certificates will no longer be accepted by SSL.com. It has

How Simple Passwords and Employees Put Cybersecurity at Risk

Discover how simple passwords and employee negligence can jeopardize your organization’s cybersecurity, and learn practical steps to strengthen your defenses against cyber threats.

FAQ: Getting Started With Your Code Signing Certificate

This FAQ answers common questions about getting started signing files with your SSL.com EV Code Signing certificate and YubiKey FIPS token.

Code Signing Certificates, Cloud Signing Options and Signing Operations Integration

What is a Code Signing Certificate? A code signing certificate is a digital certificate that provides a globally accepted proof of identity of a software

Send a Secure Email using S/MIME Certificate in the new Outlook for Mac

This guide provides MacBook users instructions on how to enable an SSL.com S/MIME certificate on the new Outlook for Mac and use it to digitally

Enabling Third-Party Signing Certificates with eSigner Cloud Signing

This guide explains how SSL.com’s eSigner cloud signing service stores third-party digital certificates and their associated private keys. eSigner provides a convenient and secure way

Performing Attestation Using Fortanix DSM

Background As of June 1, 2023, SSL.com has stopped issuing code signing certificates as downloadable PFX files, aligning with new key storage requirements set by

Generate a Certificate Signing Request in Azure Key Vault

Prerequisites An Azure Key Vault (Premium Tier). The Azure Key Vault service tier that should be used for this process is Premium because it is

SSL Certificate Expiration Guide

Why do SSL Certificates Expire? Think of an SSL certificate as a passport for your website, verifying its identity and ensuring secure connections. Just as

Implementing Code Signing with Google Cloud HSM

Certificate Authorities like SSL.com have recently heightened the key storage standards for Code Signing Certificates, now mandating the storage of the certificate’s private key either

Bulk Enrollment of Organization Validation (OV) S/MIME Certificates

SSL.com provides a convenient way to order and enroll a large volume of Organization Validation (OV) S/MIME certificates through our bulk order tool. This guide

S/MIME Installation for Outlook Android and iOS

Requirements for S/MIME Setup To ensure optimal security in Exchange Online, it’s crucial to configure S/MIME according to the guidelines specified in the ‘Configure S/MIME

How to publish your S/MIME certificate to a Global Address List (GAL)

What is a Global Address List (GAL)? A Global Address List (GAL) is a centralized directory of email addresses and contact information within an organization’s

What Is a Certificate Authority (CA)?

Certificate authorities (CAs) are critical in securing online communications and identities. But what exactly does a CA do? And how do they establish trust online?

eSigner Signing Credential Guide

What is an eSigner Signing Credential A signing credential is like an “ID” or a unique identifier that can be assigned to a person or

Category: Certificate Type

We’d love your feedback