SSL/TLS Certificates to Move to 47-Day Validity by 2029
The CA/Browser Forum has officially approved a phased reduction in SSL/TLS certificate lifespans, aiming for a maximum validity of just 47 days by 2029. The
Read More »
Category: Certificate Type
Removal of the Client Authentication EKU from TLS Server Certificates – What You Need to Know
Overview Beginning September 15, 2025, SSL.com’s TLS server certificates will be issued without including the Client Authentication extended key usage (EKU) extension. This change is
Read More »
Supported Cloud HSMs for Document Signing and EV Code Signing
SSL.com supports AWS CloudHSM, Azure Dedicated HSM, and Google Cloud HSM for issuance of EV Code Signing and Document Signing certificates.
Read More »
What is HTTPS?
Discover how HTTPS secures online communications through encryption, authentication, and integrity checks, ensuring a safe browsing experience.
Read More »
Cybersecurity Essentials for Engineering Firms: Protecting Innovation and Data
Engineering firms face increasingly complex cybersecurity threats as supply chains become more interwoven and adversaries grow more sophisticated. Safeguarding sensitive data such as design schematics,
Read More »
Key Generation and Attestation with Yubikey
How to generate a key pair and attestation certificate on your YubiKey FIPS to order EV code signing and document signing certificates.
Read More »
An Introduction to Certification Authority Authorization (CAA)
SSL.com’s in-depth look at Certification Authority Authorization (CAA) and how it can help protect your website, your business – and your online reputation.
Read More »
Created by the Internet Engineering Task Force (IETF) and described in RFC 6844, CAA lets the owner of a domain name authorize designated and specific Certification Authorities (CAs) to issue SSL certificates for their domain name.
Subordinate CAs and Why You Might Need One
Learn about Subordinate Certificate Authorities (Sub-CAs), their crucial role in PKI infrastructure, key benefits for organizations, and implementation best practices for secure certificate management.
Read More »
Install an SSL Certificate on a Tomcat or Java-based Web Server
How to install an SSL Certificate on a Java-based Web Server.
Read More »
Understanding CAA Check Failures and How to Resolve Them
Overview Certification Authority Authorization (CAA) records allow domain owners to specify which Certificate Authorities (CAs) can issue TLS certificates for their domains. CAA mandates that
Read More »
How to Automate EV Code Signing With Signtool.exe or Certutil.exe Using eSigner CKA (Cloud Key Adapter)
eSigner CKA (Cloud Key Adapter) is a Windows based application that uses the CNG interface (KSP Key Service Provider) to allow tools such as certutil.exe
Read More »
SSL.com to Deprecate Domain Contact-Based Email Domain Control Validation on December 2, 2024
Starting December 2, 2024, the WHOIS-based email domain control validation (DCV) method to obtain SSL/TLS certificates will no longer be accepted by SSL.com. It has
Read More »
How Simple Passwords and Employees Put Cybersecurity at Risk
Discover how simple passwords and employee negligence can jeopardize your organization’s cybersecurity, and learn practical steps to strengthen your defenses against cyber threats.
Read More »
FAQ: Getting Started With Your Code Signing Certificate
This FAQ answers common questions about getting started signing files with your SSL.com EV Code Signing certificate and YubiKey FIPS token.
Read More »
Code Signing Certificates, Cloud Signing Options and Signing Operations Integration
What is a Code Signing Certificate? A code signing certificate is a digital certificate that provides a globally accepted proof of identity of a software
Read More »
Send a Secure Email using S/MIME Certificate in the new Outlook for Mac
This guide provides MacBook users instructions on how to enable an SSL.com S/MIME certificate on the new Outlook for Mac and use it to digitally
Read More »
Enabling Third-Party Signing Certificates with eSigner Cloud Signing
This guide explains how SSL.com’s eSigner cloud signing service stores third-party digital certificates and their associated private keys. eSigner provides a convenient and secure way
Read More »
Performing Attestation Using Fortanix DSM
Background As of June 1, 2023, SSL.com has stopped issuing code signing certificates as downloadable PFX files, aligning with new key storage requirements set by
Read More »
Generate a Certificate Signing Request in Azure Key Vault
Prerequisites An Azure Key Vault (Premium Tier). The Azure Key Vault service tier that should be used for this process is Premium because it is
Read More »
SSL Certificate Expiration Guide
Why do SSL Certificates Expire? Think of an SSL certificate as a passport for your website, verifying its identity and ensuring secure connections. Just as
Read More »
Implementing Code Signing with Google Cloud HSM
Certificate Authorities like SSL.com have recently heightened the key storage standards for Code Signing Certificates, now mandating the storage of the certificate’s private key either
Read More »
Bulk Enrollment of Organization Validation (OV) S/MIME Certificates
SSL.com provides a convenient way to order and enroll a large volume of Organization Validation (OV) S/MIME certificates through our bulk order tool. This guide
Read More »
S/MIME Installation for Outlook Android and iOS
Requirements for S/MIME Setup To ensure optimal security in Exchange Online, it’s crucial to configure S/MIME according to the guidelines specified in the ‘Configure S/MIME
Read More »
How to publish your S/MIME certificate to a Global Address List (GAL)
What is a Global Address List (GAL)? A Global Address List (GAL) is a centralized directory of email addresses and contact information within an organization’s
Read More »
What Is a Certificate Authority (CA)?
Certificate authorities (CAs) are critical in securing online communications and identities. But what exactly does a CA do? And how do they establish trust online?
Read More »
