Acmetek Launches SSLSupportDesk to facilitate top quality support.

About SSLSupportDesk:

SSL Support Desk which is powered by Acmetek is a technical support center to facilitate top quality support for not only Acmetek customers, but for the technical community as well. https://www.SSLSupportDesk.com strives to address the in depth questions that people, server administrators, business representatives and even students may have regarding SSL certificates, key pair creation, Encryption, Malware Vulnerability scanning, etc..

Many certificate authorities may have their own knowledge base or support channel that can answer some of these questions, but getting those answers in a clear fashion, being able to present them in the easiest way possible, and having those customers left with a greater understanding with what they started with is what SSL Support Desk is set to accomplish. The site is ever evolving and its goal to be a central repository of knowledge regarding the complexity of SSL certificates, encryption, server security, industry standards, etc one that it can and will accomplish. This is our purpose this is our mission

Better Secure Than Sorry!

What is Certificate Transparency?

Google’s Certificate Transparency is an open source project that aims to strengthen the SSL/TLS certificate system, which is the main cryptographic security system that underlies all HTTPS secure connections. It is a extra tier of certificate security that forms a Security Triad to ensure that clients navigating the internet are safe and secure in regards to web security.

What Is Certificate Transparency (CT)?

As the name implies, CT allows people on the internet to look at all certificates that have been issued by a Certificate Authority (CA). This is achieved using centralized logging to a collection of servers. These log servers talk to one another, to ensure consistency and reveal any unusual activity. Anyone can query the log servers to find out details on certificates that have been issued to anyone, by anyone. For example, a company could check to see what certificates have been created using its domains and details.

In a nutshell, Certificate Transparency is a 3rd party auditing log required by Google/Chrome to display certificate ownership information.  The information is publicly audible.  Once the CT logging is enabled, that information will be public and can not be deleted from the log.  The following information appears in the CT log:

  • Common Name
  • Subject alternative names
  • Organization name
  • CA (issuer) name
  • Serial number
  • Validity period
  • Extensions
  • Certificate chain

*Note: that much of this information is already publicly available for external sites.

The Security Triad:

Certificate Security Triad If you haven’t noticed over the years all client web browsers have been implementing various security notifications regarding the safety of websites. Browser have become an Auditor of website security  and show notifications to clients when web-surfing.

These notifications will typically show green bars or  padlocks if everything is secure and safe.  Yellow exclamation marks to make client awareness that the website is not as secure as it can be. Lastly red strikes if the browser deems something that is considered unsafe for users. The notifications will vary from browser to browser, but in the end these are all just disclaimers to inform web visitors on the safety of the website. Anything can contribute to these browser notifications including outdated server software configurations, Mixed or Insecure Content, or the certificate running on the website.

Now with Certificate Transparency there is a Web Security Triad. Security is not just limited to the Certificate Authority (Monitor) and Client browser (Auditor) like it used to be. Here’s what’s going on now.

  • CT is a middle logging system that holds a time-stamp of logs of the certificates that have been issued by the various CA’s.
  • The CA informs the Log Server of all certificates that get issued.
  • The CA Monitor and Browser Auditor work in conjunction with the CT Log Server to Monitor, and Audit logs for suspicious certs, and verify that all the certs issued are visible for the public community.
  • The Client browser Auditor verifies that the logs are behaving properly and informs  clients of anything suspicious that has happened in regards to certificate security.

CT is something that happens behind the scenes and is pretty much unnoticeable to browser clients navigating the web, but with its implementation there is a faster response and a extra tier to client safety with navigating the web.

For more information on Certificate Transparency feel free to visit Https://www.certificate-transparency.org



About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.

Domain-Validation

Domain
Validation

Domain Validation represents the simplest or “good” SSL certification. Domain Validation confirms that the domain is registered, and someone with administrative rights is aware of and approves the certificate request. This type of SSL can be issued in minutes.