Generating an ECC-DSA Key and a CSR

If you need SSL certificates in ECC (elliptic curve cryptography) format, this will mostly fail while applying for the certificate. So far a certificate with ECC is only supported by a few operating systems, with OpenSSL this is already possible. It is important to note that the generation deviates from the normal procedure and cannot […]

Mehr lesen

We did not receive a confirmation email!

Please note that the confirmation emails from GeoTrust/RapidSSL (Bronze), Thawte (Limitbreaker) are not sent to you by ourselves, but by DigiCert. We do not have any influence on the delivery. The error often occurs because these automatically generated and english mails are marked as SPAM and therefore filtered out on your page or moved to […]

Mehr lesen

Can I select the e-mail address for the validation myself?

The e-mail address for the validation can’t be chosen at will. The CAB Forum (Certificate Authority and Browser Forum) has determined that only domain-specific e-mail addresses are permitted for validation in order to occupy access to the domain. Examples are among others: admin@domain.tld administrator@domain.tld hostmaster@domain.tld postmaster@domain.tld webmaster@domain.tld Alternatively, an e-mail address from the WHOIS (NIC) […]

Mehr lesen

Who needs an SSL/TLS certificate?

An SSL/TLS certificate is required by anyone who wishes to transmit personal data (such as surname, first name, date of birth, address, bank details and many more) securely and encrypted on their website. Many mail servers (e.g. autodiscover, owa or mail) now also require SSL/TLS certificates. For further questions please contact our support team at […]

Mehr lesen

How do I recognize a secure SSL/TLS certificate?

It is quite easy to detect a secure SSL/TLS certificate: A secure SSL/TLS certificate is pretty easy to detect: Common browsers such as Mozilla Firefox or Google Chrome show you a small security lock at the top of the browser address bar in front of the URL. As an additional indication for a secure SSL/TLS […]

Mehr lesen

How are intermediate certificates installed on the Kerio MailServer / Kerio Connect Groupware Server?

Create three individual text files from the three certificate texts and name the files as follows: server.crt, intermediate.crt, rootca.crt The content of the files should look something like this:   server.crt –BEGIN CERTIFICATE– MTIzIGNlcnRpZmljYXRlMRkwYDVQQLDBBEb21haW4gVmFsaWRhdGVkMRswGQYD … nFxaNxO61bChl1pZx64r4s/k+voqZ6X9T3Cc4 –END CERTIFICATE–   intermediate.crt –BEGIN CERTIFICATE– MTIzIGNlcnRpZmljYXRlMRkwYDVQQLDBBEb21haW4gVmFsaWRhdGVkMRswGQYD … nFxaNxO61bChl1pZx64r4s/k+voqZ6X9T3Cc4 –END CERTIFICATE–   rootca.crt –BEGIN CERTIFICATE– MTIzIGNlcnRpZmljYXRlMRkwYDVQQLDBBEb21haW4gVmFsaWRhdGVkMRswGQYD … nFxaNxO61bChl1pZx64r4s/k+voqZ6X9T3Cc4 –END […]

Mehr lesen

How are intermediate certificates installed in lighttpd?

Create the two necessary files as follows: cat private.key mycert.crt > lighttpd-server.pem cat root.crt intermediate.crt > lighttpd-ca.pem   Afterwards you integrate the files into the configuration as follows: $SERVER[„socket“] == „:443“ { ssl.engine = „enable“ ssl.pemfile = „/etc/ssl/lighttpd-server.pem“ ssl.ca-file = „/etc/ssl/lighttpd-ca.pem“ } Kindly supported by Weiss System

Mehr lesen

Problems with Windows XP when using SHA-2 certificates

Some CAs remain cautious about deleting SHA-1. This is especially related to Windows XP: The support for XP expired in April 2014, nevertheless XP remains the number one operating system for many users and unfortunately also for various authorities and companies. In order for Windows XP to recognize SHA-2, it is necessary to install the […]

Mehr lesen