Articles about certificates

The radical shortening of SSL/TLS certificate lifespans from 398 days to 47 days by 2029 is shaking up the cybersecurity world. New research shows 96 percent of organizations are concerned about the impact of shorter SSL/TLS certificate lifespans on their business.

The study from Sectigo, developed in collaboration with global research firm Omdia, surveyed over 270 IT decision makers and finds fewer than one in five organizations feel very prepared to support the coming shift to 47-day certificate renewal cycles.

Continue reading →

We’re all familiar with the idea of TLS/SSL security certificates that verify the identity of a website and ensure trust and security on the web by confirming that the site you’re visiting is what it says it is.

Usually these relate to the domain name of the site, since that’s how most people gain access, indeed if you type in the underlying IP address instead you’ll often get an error because of the lack of a certificate.

Continue reading →

Certificates are an important part of security for organizations but they're not without risks. These include certificates with long lifespans (one in every 13 certificates have lifespans over two years), certificates without key usage (one in every 25 certificates), certificates with negative serial numbers (one in every 27 certificates), and unsanctioned domain usage.

Keyfactor is launching a Command Risk Intelligence which will visibility into every certificate in use and helps teams proactively identify and mitigate certificate-related risks before they disrupt business operations.

Continue reading →

While digital certificates are an essential part of day-to-day security they also present challenges. They can expire or be revoked, or even forged.

We spoke to Bert Kashyap, CEO of passwordless security platform SecureW2, to learn more about certificate-related vulnerabilities and what IT and security teams can do to deal with them effectively.

Continue reading →

Last year, the Chromium Project -- a Google-backed open source browser project -- released its roadmap for building a safer, faster, and more stable Internet, containing recommendations to reduce the lifespan of Transport Layer Security (TLS) certificates from 398 days to 90. This was a starting gun to the industry. As the operator of Chrome, Google has the power to enforce shorter validity periods by making them a requirement -- which will likely become the de facto standard across all browsers soon after.  

When these changes come into force, every business that uses TLS certificates -- i.e. every business that connects services with the internet -- will be impacted. TLS certificates are machine identities, they enable systems to talk to each other securely over the internet. If they are not reissued or replaced before they expire, the service they are connecting stops working. This results in hugely costly outages, disruption, and increased security risks -- and it’s something that everyone has experienced with their browser through a 'can’t connect to untrusted site- error.  

Continue reading →