Firefox to Stop Supporting MD5-Based SSL
SSL technology has of course developed over the years; the current standard is 2048-bit. 1024-bit encryption is now outdated. This is because hackers have become much more sophisticated. Cyber-crime has become big business, and there is a lot of money to throw around to pay intelligent people to find exploitable loopholes in technology. Some of the older RapidSSL, still in operation, are 1024-bit. Additionally, these SSL are signed with MD5, the algorithm that determines how the certificate encrypts data. MD5 has been proven susceptible to man-in-the-middle attacks.
Firefox has decided to no longer support MD5. Firefox’s updated browser that will not recognize MD5 as legitimate SSL encryption is planned for release on June 30, 2011 (link below).
The good news is that reissuance is a simple and FREE process. If you feel you may have an MD5-signed certificate, if it was purchased through us, you should have received two Security Alert emails. If for some reason you did not, the important date is December 31, 2008. Any RapidSSL purchased prior to that date should be reissued and reinstalled. Again, reissuance is FREE. The link to reissue is at the end of this article. Below it is a special, OPTIONAL offer to upgrade and improve your mobile device compatibility instead. Either reissuance or replacement will solve the MD5 problem.
We know this is a pain, but we do think Mozilla is taking the right action to make the Internet a safer environment.
Mozilla Announcement: https://wiki.mozilla.org/CA:MD5and1024
FREE Standard/Wildcard Reissue Page: https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AD302&actp=search&viewlocale=en_US
Mobile Device Compatibility: http://tinyurl.com/sslstorecisco
A.) OPTIONAL Standard SSL Replacement: Heavily discounted GeoTrust QuickSSL Premium.
- Geotrust QuickSSL Premium one-year @ $39 (save $40)
- Add a second year @ $29 (save $69; no reinstall till 2013)
- Add a third year @ $29 (save $98; no reinstall till 2014)
- Add a fourth year @ $29 (save $133; no reinstall till 2015)
- Add a fifth year @ $29 (save $159; no reinstall till 2016)
B.) OPTIONAL Wildcard SSL Replacement: Heavily discounted GeoTrust TrueBusinessID Wildcard.
- Geotrust True BusinessID Wildcard one-year @ $379 (save $60)
- Add a second year @ $279 (save $220; no reinstall till 2013)
- Add a third year @ $249 (save $410; no reinstall till 2014)
- Add a fourth year @ $229 (save $620; no reinstall till 2015)
- Add a fifth year @ $199 (save $860; no reinstall till 2016)
5 Ways to Determine if a Website is Fake, Fraudulent, or a Scam – 2018
in Hashing Out Cyber SecurityHow to Fix ‘ERR_SSL_PROTOCOL_ERROR’ on Google Chrome
in Everything EncryptionRe-Hashed: How to Fix SSL Connection Errors on Android Phones
in Everything EncryptionCloud Security: 5 Serious Emerging Cloud Computing Threats to Avoid
in ssl certificatesThis is what happens when your SSL certificate expires
in Everything EncryptionRe-Hashed: Troubleshoot Firefox’s “Performing TLS Handshake” Message
in Hashing Out Cyber SecurityReport it Right: AMCA got hacked – Not Quest and LabCorp
in Hashing Out Cyber SecurityRe-Hashed: How to clear HSTS settings in Chrome and Firefox
in Everything EncryptionRe-Hashed: The Difference Between SHA-1, SHA-2 and SHA-256 Hash Algorithms
in Everything EncryptionThe Difference Between Root Certificates and Intermediate Certificates
in Everything EncryptionThe difference between Encryption, Hashing and Salting
in Everything EncryptionRe-Hashed: How To Disable Firefox Insecure Password Warnings
in Hashing Out Cyber SecurityCipher Suites: Ciphers, Algorithms and Negotiating Security Settings
in Everything EncryptionThe Ultimate Hacker Movies List for December 2020
in Hashing Out Cyber Security Monthly DigestAnatomy of a Scam: Work from home for Amazon
in Hashing Out Cyber SecurityThe Top 9 Cyber Security Threats That Will Ruin Your Day
in Hashing Out Cyber SecurityHow strong is 256-bit Encryption?
in Everything EncryptionRe-Hashed: How to Trust Manually Installed Root Certificates in iOS 10.3
in Everything EncryptionHow to View SSL Certificate Details in Chrome 56
in Industry LowdownPayPal Phishing Certificates Far More Prevalent Than Previously Thought
in Industry Lowdown