Category Archives: SSL Certificates

No More File-Based DCV for Wildcards

Adapting to Industry Changes for Better Web Security
The CA/B Forum has voted on removing the file-based domain control validation (DCV) method for Wildcard certificates (e.g. *.domain.com) starting Dec. 1, 2021. So why the update?

The change was created in response to the concern that host-based control validation isn’t a strong enough way to demonstrate that someone has control over a domain’s entire namespace. Ultimately, this change improves security for subdomains and therefore, web users overall.

To be prepared and acclimated before the official start date, major CA’s such as DigiCert and Sectigo, will no longer allow file-based DCV for Wildcard certificates starting Nov. 15. After that, users can only use email and DNS validation methods to perform DCV for Wildcards.

We offer wide range of certificates from major certificate authorities: RapidSSL, GeoTrust, Thawte, Sectigo (formerly Comodo), Certum, Symantec.

 

You can buy a Certificate not only to protect any server or hosting that is provided by us, but for any other services/servers that you use from different providers. You can also order SSL installation service from us to get your Certificate installed correctly.

DigiCert Scheduled Maintenance

As your trusted advisor, we want to alert you about DigiCert’s upcoming scheduled maintenance. Major upgrades to their internal systems are scheduled for April 6, 2019.

The maintenance window is expected to take approximately 12 hours, starting April 6 at 15:30 UTC and ending April 7 at approximately 3:30 UTC. You’ll be able to place an order for DigiCert products with us during this time but will receive an error if you attempt generation during the maintenance window. For any orders already generated and in a pending status, validation will resume once the maintenance is complete.

Thank you for patience during this upgrade. We appreciate you putting your trust in us.

We offer wide range of certificates from major certificate authorities: RapidSSL, GeoTrust, Thawte, Sectigo (formerly Comodo), Certum, Symantec.

 

You can buy a Certificate not only to protect any server or hosting that is provided by us, but for any other services/servers that you use from different providers. You can also order SSL installation service from us to get your Certificate installed correctly.

Different Name, Same Great Solutions: Comodo is now Sectigo

Comodo CA has re-branded and is now officially Sectigo. We know you have questions, so this post is designed to give you the answers you need and outline what this change means to you as a customer.

Why the change?

Francisco Partners acquired the Comodo Group’s certificate business from back in the fall of 2017. This entity, branded Comodo CA, continued to operate in the same markets, attend the same trade shows and help the same buyers as Comodo Group. The re-brand decision was made to avoid confusion as well as help them deliver on their mission to help organizations of all sizes confidently secure and maximize the digital frontier.

What exactly is changing?

While at first glance this might look like a simple name and logo change, it goes way beyond that. Here’s a quick summary of everything that’s new:

New Company Name

Comodo CA is now officially Sectigo to clearly distinguish the new company from predecessors and prevent confusion.

New Logos

The company logo has been updated. Though November 2019, the new logo should be shown with the “Formerly Comodo CA” tagline.

New Brand

The brand has been updated to represent a more complete web security. New product line logos have also been created for EnterpriseSSL, InstantSSL and PositiveSSL.

New Product Names

All products are being renamed to align with the new brand. For example, Comodo EV SSL is now Sectigo SSL EV, and Comodo SSL Wildcard is now Sectigo SSL Wildcard.

We’re here to help you find the right level of validation based on your goals.

Core Solutions offers 76 different types of certificates from major certificate authorities: RapidSSL, GeoTrust, Thawte, Sectigo (formerly Comodo), Certum, Symantec.

 

You can buy a Certificate not only to protect any server or hosting that is provided by us, but for any other services/servers that you use from different providers. You can also order SSL installation service from us to get your Certificate installed correctly.

5 Reasons Your Business Needs HTTPS

The rules have changed about what good website security means — starting with a new minimum requirement for all website pages to support encrypted connections. The good news is you’ll gain other valuable benefits by adhering to this new standard. First, let’s get on the same page by reviewing a few basics.

What’s HTTPS?

When your customers land on a web page that’s not protected by any type of SSL Certificate they’ll see http:// at the beginning of the website address in the browser bar. This used to be perfectly fine unless your webpage involved a login ID, password, form or payments. Enter the era of mega cybercrime.

HTTP has one glaring flaw — it’s not secure. Any information transmitted via an HTTP connection is vulnerable to being tampered with, misused or stolen. Your visitors deserve to know any data they share with you is safe from prying eyes.

Installing an SSL Certificate changes the browser bar address to https:// to clearly show visitors the connection is encrypted, meaning the server is authenticated and data is protected in transit. No wonder web browsers have made HTTPS the new standard for website security.

HTTPS Is Good for Your Bottom Line

Enabling encrypted connections is one great reason to protect your website with an SSL Certificate. But, it’s not the only reason. Here are some other ways HTTPS brings value to your business.

Speeds Up Performance

Being the slow kid on the block and the last one picked for dodgeball is a bummer. Being slow online could cost you everything. HTTP is being replaced by a newer faster version — HTTP/2. Encrypted connections are required to unlock the latest speed and security features.

Increases Search Engine Traffic

Google includes SSL as a ranking factor. How’d you like to boost your search visibility up to 5%? Be found above the competition by encrypting every page of your website.

Enables Mobile Options

Salesforce reports 71% of marketers believe mobile is core to their business. Mobile’s most popular features — geolocation, motion orientation, microphone, fullscreen and camera access — require HTTPS to be enabled by most browsers

Protects Your Brand Reputation

A recent CA Security Council Report shows a mere 2% of customers would proceed past the “Not Secure” warnings that are due to kick in July 1 for all webpages without HTTPS connections. Show visitors your brand values their security by protecting your website with an SSL Certificate.

Delivers a Seamless Experience

Don’t let visitors engage with several pages on your site only to be get broadsided with a “Not Secure” warning on pages you haven’t protected. They’ll reward you for taking the extra steps to give them an end-to-end encrypted experience.

Identity Validation Matters

HTTPS is no longer optional if you want to build relationships and a business online. The good news it adds a lot of value to your business. But, SSL Certificates do more than enable HTTPS. They also authenticate, or validate your identity so visitors know it’s really you on the other end of their connection.

We’re here to help you find the right level of validation based on your goals.

Core Solutions offers 76 different types of certificates from major certificate authorities: RapidSSL, GeoTrust, Thawte, Comodo, Certum, Symantec.

You can buy a Certificate not only to protect any server or hosting that is provided by us, but for any other services/servers that you use from different providers. You can also order SSL installation service from us to get your Certificate installed correctly.

The Clock is Ticking—Act by July 1 to Avoid “Not Secure” Warnings

If you’ve been following website security industry changes, you may know that the move by browsers to warn visitors of webpages served via HTTP as “Not Secure” has been in the works for a while. And, if you’re like most organizations, preparing for the inevitable has been dead last on your to-do list. Unfortunately, pretending there’s no fire doesn’t mean you won’t eventually get burned.

Implementation has been gradual and the end date has been moved out a few times but, according to the Feb. 8 announcement by Google, you’ll need to get an SSL certificate for all your webpages — not just the ones with login requirements or forms — by the time Chrome 68 launches. Starting July 2018, Chrome will universally alert visitors that land on any HTTP webpage. What began as a nudge from Google and Mozilla that only impacted pages with unencrypted password or text fields has become a no-exceptions requirement. We’re guessing this isn’t what you want your visitors to see.

Why HTTPS?

HTTP served Internet users well for many years. Unfortunately, given today’s cybercrime-ridden web, it has one crucial flaw — it’s not secure. That means data in transit can be stolen or manipulated.

HTTPS is secure and shows visitors https:// in the browser bar indicating encryption is authenticating the server and protecting transmitted information. So, it’s easy to understand why web browsers are now requiring it as a basic standard.

How do I get HTTPS?

SSL Certificates enable HTTPS — so the sooner you install one on all your webpages, the better. But, remember, website security is about more than encrypting data. Ensuring who’s on the other end of the data transfer is equally, if not more, important so making sure you have the right level of identity validation matters.

Choosing the right SSL certificate can be confusing, but it doesn’t have to be. We’re here to help you sort through your options and find the most cost-effective way to meet the July 1, 2018, deadline and boost your bottom line.