When will SHA-1 no longer be accepted?

The statements differ here: Mozilla intends to dispense with SHA-1 certificates from 1 January 2017. Google classifies websites with SHA-1 certificates valid until or after January 1, 2017 as „secure, but with minor errors“ with Chrome version 39, which will be released in November 2014. You can recognize this by the fact that a lock […]

Mehr lesen

What will happen to my old encrypted emails when I receive a new S/MIME certificate?

It is important that you retain the expired S/MIME certificate with the corresponding private key. Thus, all e-mails encrypted with this S/MIME certificate and the corresponding private key remain readable for you. If the expired S/MIME certificate or the corresponding private key is deleted, you can no longer read all e-mails encrypted with this certificate […]

Mehr lesen

Who is legally obliged to use an e-mail certificate with the RSASSA-PSS signature algorithm?

Since October 2017, all network operators in the electricity and gas industry have been required to digitally encrypt and sign e-mails containing EDIFACT transmission files. EDIFACT files contain, for example, invoice and order information and are sent directly from the ERP system. As these files contain sensitive and personal data, they are strictly confidential. Since […]

Mehr lesen

Tip: Using 8192-bit SSL-Certificates under Mac OS

You have purchased an SSL certificate for your website that encrypts with a key length of 8192 bit or more. You often hear from your website visitors that this certificate is not recognized correctly by the browser. As a rule, these are Mac OS users who access your site via Chrome/Chromium or Safari. In fact, […]

Mehr lesen

Wildcards – Is the Main Domain Included in the Certificate?

Almost all wildcard certificates contain the main domain as an entry in the SSL certificate. Explicitly this means in case of a certificate issuance for *.psw-group.de the domain psw-group.de is automatically secured too. In the case of Subdomains this is however differently arranged. If you order a certificate for *.web1.psw-group.de this does not necessarily mean […]

Mehr lesen

Generating an ECC-DSA Key and a CSR

If you need SSL certificates in ECC (elliptic curve cryptography) format, this will mostly fail while applying for the certificate. So far a certificate with ECC is only supported by a few operating systems, with OpenSSL this is already possible. It is important to note that the generation deviates from the normal procedure and cannot […]

Mehr lesen