New & Notable
PKI and digital certificates News
August 04, 2021
Multiperspective validation can be thwarted with a traffic-throttling technique that could lead to attackers obtaining digital certificates for domains they don't own.
March 17, 2021
The investigation into a stolen Mimecast-issued digital certificate is now complete, and the vendor said the initial intrusion was Sunburst malware in the SolarWinds Orion platform.
January 26, 2021
Mimecast conducted an investigation after being alerted by Microsoft that a certificate for Microsoft 365 Exchange Web Services authentication was stolen by a sophisticated actor.
April 23, 2020
Border crossings. Police checkpoints. Security cages. Secret safes. These are just some of the hurdles certificate authorities face as they strive to maintain security during COVID-19.
PKI and digital certificates Get Started
Bring yourself up to speed with our introductory content
A certificate authority (CA) is a trusted entity that issues Secure Sockets Layer (SSL) certificates. Continue Reading
The MD5 (message-digest algorithm) hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message. Continue Reading
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date. Continue Reading
Evaluate PKI and digital certificates Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Digital signatures on PDF documents don't necessarily guarantee their contents are valid, as new research shows viewer implementations don't always detect incomplete signatures. Continue Reading
Public key infrastructure is emerging as the essential technology for identity management in IoT, as customers seek out a trifecta of data integrity, authentication and encryption. Continue Reading
After introducing HTTP Public Key Pinning to the internet two years ago, the upcoming Chrome will replace it with the Expect-CT header. Matt Pascucci explains the switch. Continue Reading
Manage PKI and digital certificates
Learn to apply best practices and optimize your operations.
In IAM, companies must consider whether machines, applications and devices have the appropriate identities and access authorizations when communicating behind the scenes. Continue Reading
Cloud providers' tools for secrets management are not equipped to solve unique multi-cloud key management challenges. Learn how key management-as-a-service tools can fill the gaps. Continue Reading
SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
Problem Solve PKI and digital certificates Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Hashing is the process of transforming any given key or a string of characters into another value. Continue Reading
Padding oracle attacks have long been well-known and well-understood. Find out how they work and why using modern encryption protocols can reduce the risks. Continue Reading
An expired Exchange 2010 certificate is one of those issues that catches everyone's attention. Check and replace certificates with these basic commands. Continue Reading