DigiCert Blog

All posts under: Announcements

  1. Google Takes Another Step to Help Encourage HTTPS Everywhere

    A year ago, Google proposed that web browsers should flag all plain HTTP web pages as unsecure and made the move to boost search engine rankings for sites using HTTPS URLS. Now, Google is getting ready to place a dreaded red “x” through websites that do not offer an encrypted connection. Google plans to mark…


  2. OpenSSL Patches Two Security Vulnerabilities

    This morning, OpenSSL released two security patches—versions 1.0.2f and 1.0.1r—for two new security vulnerabilities: one rated as “high” severity and one rated as “low” severity. The “high” severity vulnerability affects the 1.0.2 release. The “low” severity vulnerability affects all releases—1.0.2 and 1.0.1. Neither of these bugs affect SSL Certificates; no actions related to SSL Certificate…


  3. Google Plans to Deprecate DHE Cipher Suites

    The security industry continues to raise standards to keep the Internet’s SSL/TLS communications secure. Google announced in a blog post plans to deprecate DHE-based cipher suites. This announcement follows several noteworthy browser security advancements for 2015-16. Earlier this year the major browsers announced they would be ending support for RC4 ciphers in early 2016. In May…


  4. The Case for Making the Move from SHA-1 to SHA-2 Certificates

    Good security is a combination of building layers and staying one step ahead of would-be attackers. Mozilla recently announced that Firefox might end trust for SHA-1 Certificates six months sooner than the current SHA-1 deprecation timeline. This announcement came shortly after a research team expressed concerns about a theoretical risk associated with the SHA-1 hashing…


  5. Researchers Urge Administrators to Replace SHA-1 Certificates with SHA-2

    Online Security Warning

    This morning an international team of cryptanalysts urged administrators to replace their SHA-1 certificates as the risks associated SHA-1 are greater than previously expected. The published findings are theoretical and have not yet been proven in a practical setting. While there doesn’t appear to be an immediate present danger, we strongly encourage administrators to migrate…