New guidelines dictating the requirements for PCI Compliance, version 3.1 of PCI Data Security Standards (PCI DSS), were released in April. These guidelines must be followed by all companies that take payments over the Internet. A key part of the new PCI DSS is stricter requirements around the use of TLS (SSL). PCI DSS v3.1 states that SSL 3.0 and TLS 1.0 “can no longer be used as a security control after June 30th, 2016.” This means that disabling these protocol versions is required Read more [...]
On April 14th, 2015, Symantec officially announced increased prices for their brands of SSL Certificates. As The SSL Store™ is a top web security partner of Symantec, we informed our Japan-based customers and partners that we also have to comply with this new regulation and adjust our pricing for SSL certificates with .JP domain names. When you purchase an SSL Certificate, our system will now require an extra surcharge when you go to create a CSR and your domain name contains a .JP or administrative, Read more [...]
The world’s most trusted online security brand Symantec has just announced that they will now secure www & non-www domain names with a single SSL certificate & it will be considered the same FQDN! This is big news for us and all of our partners and customers. Finally, all Symantec SSL certificates will now consider the base domain as a free SAN or Subject Alternative Name, which simply means you can secure both versions of your website, www.name-of-site.com and name-of-site.com, with a single Symantec Read more [...]
If you have ever flown on a US airline, chances are you have seen an advertisement for an in-flight Wi-Fi service provided by Gogo. While Gogo is certainly appealing to most travelers in this day and age, a revelation has come to light recently about this service that you should probably be aware of. This past week, Adrienne Porter Felt, a security engineer at Google, discovered that Gogo was using a fraudulent certificate in place of Youtube.com’s real SSL certificate. The certificate was Read more [...]
On March 1st, 2015, The SSL Store™ will discontinue offering SSL certificates with validity periods of 4 and 5 years.
This is in accordance with new guidelines set forth by the Certificate Authority/Browser (CA/B) Forum, the governing body of the SSL industry. This update will affect all SSL certificates in the industry, including the entire product catalogs of Symantec, Comodo, Thawte, GeoTrust, and RapidSSL. (EV certificates are already limited to a maximum of two years so they are not affected Read more [...]
Symantec™ Corporation is a US-based internet security & technology company, founded by Gary Hendrix in 1982. It’s a global and publicly traded company (NASDAQ: SYMC) dealing with many different sectors of the security industry, such as anti-virus applications, data storage & backup solutions, SSL certificates and other website security solutions.
As per W3Techs’s (Web Technology Surveys) report, Symantec™ Corporation is the top Certificate Authority (CA) with the largest market Read more [...]
Back in October, we published an extensive article about an attack called POODLE that affected old versions of the SSL protocol (specifically, SSL 3.0). This attack had the potential to affect nearly 98% of the Internet, as many servers still supported this older version of the protocol. But now it has been revealed that POODLE is back, this time with the ability to affect even the newest version of the protocol.
Any time we visit the topic of SSL protocol attacks, we should remember this brief Read more [...]
Are you shocked after reading the headline? Yes, it is true that ALL (SAN/UCC) SSL Certificates will not work for internal server domain names from 1st November, 2015. As per the CA/Browser Forum (CA/B), the regulatory body that governs the SSL industry, one of the new changes is the elimination of certificates for internal names. This change makes it impossible to obtain a publicly trusted certificate for any host name that cannot be externally verified as owned by the organization that is requesting Read more [...]
What is “POODLE”?
POODLE is an acronym for a newly discovered vulnerability in a specific version of the SSL protocol. POODLE requires an “active” attacker, meaning there must be another ‘bad’ computer intercepting messages between the client and server. Ultimately, the vulnerability allows the attacker to decode messages encrypted with SSL v3.0 (the specific, and only, version of the protocol affected). SSL v3.0 is an old version of the SSL protocol, a very old version - from the Read more [...]
Thai Duong, Bodo Möller and Krzysztof Kotowicz, three of Google’s security researchers, recently found a vulnerability in SSL 3.0, which has been referred to as POODLE (Padding Oracle on Downgraded Legacy Encryption). Per the latest Netcraft survey, nearly 97% of web servers in the world are likely to be vulnerable to POODLE attacks. The POODLE vulnerability affects the SSL protocol version 3.0 (SSLv3). It allows a man-in-the-middle attacker to access confidential information from the SSL Read more [...]
Cisco’s Adaptive Security Appliance (ASA) was introduced in May 2005. It is an effective combination of the functionalities of Cisco PIX, IPS product lines and VPN 3000.
In this post, we have put together a step-by-step guide for installing an SSL certificate on Cisco ASA 5510, one of the many versions from the Cisco ASA 5500 series. This series of security appliances by Cisco is one of the most popular hardware firewalls in the market.
Learn How To Install an SSL Certificate on Cisco ASA 5510
Step Read more [...]