SSL Advanced

What is SSL Client Certificate Authentication and How Does It Work?

Posted on by

Did you know that SSL can be used for both client authentication as well as server authentication? And what is SSL client certificate authentication to begin with?

When most people refer to SSL certificates and the authentication they provide, it’s done in the context of server SSL certificates — not client authentication. This is an important to note because the vast majority of SSL certificates that are used are server certificates. When a client arrives at a website, the server presents its certificate and the client performs an authentication to verify the identity of the certificate’s owner.

Read More

What is HTTP Public Key Pinning and Why It’s Not Good to Practice

Posted on by

In the annals of bad human ideas, HTTP public key pinning, or what’s more commonly known as HPKP, ranks right up there with spray-on hair and two-in-one toilet/bidets. Without straying too far into the proverbial weeds, we’re going to lay out why you definitely shouldn’t be pinning your keys in this blog post.

And to be clear — just in case you don’t read past this sentence — don’t pin your keys. Simply put, HPKP is a terrible idea, and it’s more likely to break your website than lead to any meaningful improvement in security! Even Google agrees.

Read More

What an SSL Common Name Wildcard Error Is and How to Fix It

Posted on by

Having wildcard(*) SSL certificate in common name (CN) issues? Here’s what you can do about it

Are you having issues with your wildcard SSL certificate, or have you seen a message akin to “WILDCARD(*) SSL CERTIFICATE IN COMMON NAME (CN)?” The second half of this question is actually a fairly misleading one because it’s a hyper-specific error that is really just a variant of a more common wildcard SSL error. So, if you have a wildcard SSL certificate installed on your server and you’re running into this issue, keep reading.

Read More

Why Is My Wildcard SSL Not Working on a Second Level Subdomain?

Posted on by

An In-Depth Look at Why a Wildcard SSL Certificate Causes a Domain Mismatch Error on a Second Level Subdomain

We know, you’re here because your wildcard SSL is not working on a second level subdomain for some reason. To help you understand why, we first need to tell you a bit about wildcard SSL certificates and what they do and don’t secure. The digital certificate industry is, at times, needlessly opaque about what its products actually do. The wildcard is one of the biggest offenders. It’s often marketed as securing “unlimited subdomains.” And that’s partially true — with one important caveat:

Read More

HostGator Wildcard SSL: How to Install a Wildcard SSL Certificate on HostGator

Posted on by

HostGator is a popular hosting platform (with an unfortunate mascot). Wildcard SSL certificates are X.509 digital certificates designed to encrypt sub-domains. Sometimes the two meet and one gets installed on the other. Maybe this is what you’re trying to do with what you might refer to as a “HostGator wildcard SSL certificate.”

Read More

How to Install a Wildcard SSL certificate on NGINX

Posted on by

Yeah, you’re here because you want to know how to install a wildcard SSL certificate on your NGINX server. You’re not the first person to ask, nor are you likely to be the last. After all, NGINX is one of the most popular servers in use, and wildcard SSL certificates are great because they help you secure one domain and all of its first-level sub-domains. Add this together, and it means that sometimes people install wildcard SSL certificates on NGINX.

Read More

What is a SAN Certificate and How Does SAN SSL Work to Secure My Site?

Posted on by

We’ll break down what is SAN certificate is SSL and why it matters to your organization

SANs. Hardly anyone seems to love acronyms as much as IT and infosec professionals. Well, except maybe government or medical professionals… but, you get the point. However, what is SAN in SSL? You’re likely here because you’re wondering “what is a SAN certificate” and how is it useful? Well, you’ve come to the right place for an answer. This is kind of our area, after all.

Read More

How to Install a Wildcard SSL Certificate on IIS 7 and IIS 8

Posted on by

Your guide on how to effectively install a wildcard SSL certificate on your Microsoft server

Do you want to know how to install a wildcard SSL certificate on IIS? No worries. We’ve got you covered. Heck, we’ve even included some screenshots of the steps to help you along the way. We’re no strangers to this process — we’ve even written other resources such as how to install wildcard SSL certificates on multiple servers.

Read More

How Do I Find My Comodo SSL Certificate Private Key?

Posted on by

Let’s Understand How to Get Private Key from Certificate

It’s always a good idea to know where your SSL certificates’ private keys are located, as they are the key (pun intended) to authorizing that your domain is the real deal. Whether you’re using a Comodo SSL certificate private key or one from another certificate authority (CA), it’s vital that you know where it is and keep it safe. Why is it so important? Because anyone who gets access to your private keys can spoof your website since it will now be “authenticated” with the compromised private key.

Read More