Websites encrypted with 1024-bit SSL certificates will no longer be recognized by browsers
New Certificate/Browser (CA/B) Forum Industry Standard Set to Begin on January 1st, 2014
As per the new rule agreed upon at the Certificate/Browser (CA/B) forum, the governing body for the SSL industry, all active, issued security certificates must be signed with 2048-bit encryption beginning January 1st, 2014. This new standard was suggested by the National Institute of Standards and Technology (NIST) and is a pre-emptive response to the growing sophistication of hackers and super computers, as doubling the encryption on SSL certificates will continue to ensure the security of websites for many years to come.
Overall, this is good news for the industry, as it simply means that SSL is getting stronger. However, certain measures will need to be taken by customers who have a domain protected by an active 1024-bit certificate. For customers who aren’t exactly sure what type of encryption their website’s SSL certificate boasts, here is a helpful link.
If a 1024-bit SSL certificate is expiring before January 1st, 2014, all a customer will have to do is simply use a 2048-bit Certificate Signing Request (CSR) during the renewal process. However, if a 1024-bit SSL certificate is expiring any time after January 1st, 2014, extra measures need to be taken. The active certificate will need to be revoked and reissued before October 1st, 2013. The reason for the early date is because Certification Authorities want to ensure that their customers’ websites remain up and running uninterrupted during the tumultuous holiday shopping season.
Revoking and reissuing an SSL cert can be done manually or by your certificate provider. This process is completely free and will allow customers to get all of the remaining time on their certificate with 2048-bit encryption strength. SSL customers will also want to first check and make sure that their server can support a 2048-bit certificate. Most servers are equipped to handle this level of encryption, but in certain cases, this may be an issue.
It is extremely important that customers with active 1024-bit certificates complete these steps before the designated deadlines, as failure to do so will result in browsers not recognizing their company websites. The process of revoking/reissuing can be completed in a matter of minutes and is well worth the time, as it will ensure a safer online experience for web-users and will help companies avoid any downtime on their websites.
For more information about the upcoming 2048-bit switch, please feel free to contact The SSL Store™, one of the largest security certificate providers in the world, at (727) 388-4240 or via email at support@theSSLstore.com. They can help you determine what kind of certificate you have and walk you through the renewal process.
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown