DigiCert Blog

All posts under: Best Practices

  1. OpenSSL Patches a “HIGH” Security Vulnerability in OpenSSL 1.1.0

    Early this morning, the OpenSSL project team released the security patch 1.1.0e to fix a “HIGH” severity security vulnerability found in OpenSSL 1.1.0. Version 1.0.2 is not affected. However, system admins should patch their 1.1.0 OpenSSL framework immediately. This bug does not affect SSL/TLS certificates. No actions related to SSL/TLS certificate management are required. Encrypt-Then-Mac…


  2. Browser Security Icon Updates and SHA-1 Deprecation

    Earlier this year, both Google and Mozilla released versions of Chrome and Firefox with changes to their security indicators and updates for the SHA-1 deprecation. Both browsers feel that these changes will simultaneously help users recognize the risks of entering unsecure HTTP sites and urge site owners to upgrade to secure HTTPS connections. Chrome In…


  3. Chrome Will Mark HTTP Sites “Not Secure” in January

    In September and November of 2016, Google announced two major changes they plan to make in Chrome 56, which they will release near the end of January 2017. With the release of Chrome 56, Google will update the security indicator icon for HTTP connections, and will end support for SHA-1 certificates. In one of the…


  4. OpenSSL Patches 3 Security Vulnerabilities in OpenSSL 1.1.0

    This morning, the OpenSSL project team released the security patch 1.1.0c for three security vulnerabilities discovered in OpenSSL 1.1.0. This patches fix one “high severity,” one “moderate severity,” and one “low severity” vulnerabilities. None of these bugs affect SSL/TLS certificates. No actions related to SSL/TLS certificate management are required. Source code for all the OpenSSL…


  5. Google Certificate Transparency (CT) to Expand to All Certificates Types

    A recent Google announcement says all publicly trusted SSL/TLS certificates issued in October 2017 or later will be expected to comply with Chrome’s Certificate Transparency (CT) policy in order to be trusted by that browser. Since January 2015, Chrome has required Extended Validation (EV) certificates to comply with CT, but now with this policy change, it…