SSL/TLS and captive portals
Chances are that you’ve used a captive portal – possibly without knowing it! Captive Portals are a legitimate means of grabbing the users attention
SSLTrust Cyber Security Blog | Page 4
Back to Blog HomepageLet's Encrypt becoming untrusted in 2021 for some
Let’s Encrypt is a fairly popular service offering free SSL/TLS certificates to those who are uninterested in the value-add of traditional certificate resellers. Historically, this CA has partnered with IdenTrust to provide this service as it has …
A Guide to Intermediate Certifiates
Intermediate certificates are often a topic of confusion. It’s understandable. We pay a lot of attention to root certificates as they require a lot of active management on the client. Leaf certificates on the endpoint are the star of the show – …
Understanding the SSL/TLS Racoon Attack
It’s that time again. As protocols mature, inevitably security vulnerabilities lurking beneath the surface are uncovered by security professionals. The so-called “Racoon” vulnerability is unusual however in that it affects TLS 1.2, arguably the most …
Understanding Certificate Cross-Signing
Certificate Cross-Signing is a nuance of PKI which is often poorly understood. This topic is particularly salient as of late, as a long-lived root certificate managed by Sectigo (formerly Comodo) expired, causing many unexpected problems for many …
What to do when you take control/inherit a Secure Network Environment.
There are a lot of reasons why you might inherit a network. Maybe the person who handled SSL/TLS left abruptly, or perhaps you’re doing a favor for a friend. Whatever the reason, it can be overwhelming to get a handle on the sorts of care and …
When to use a Wildcard SSL Certificate
A wildcard Certificate allows you to secure unlimited sub-domains on a single level under your main domain. But it may not always be the best choice.
Let’s Encrypt Revokes 3 Million Certificates
On Friday February 28th, Let’s Encrypt made the tough decision to revoke over 3 million certificates they had issued due to a bug in the software they use to validate CAA records. This gave companies relying on Let’s Encrypt under a week to replace …
Zero-Day Vulnerabilities and its Impact on Business
Computer System Vulnerabilities are a serious security issue that can find its way to our computers through harmless browsing activities. This can be as simple as visiting a website, clicking on a compromised message or downloading software with …
Using Wireshark to Troubleshoot network traffic encrypted by SSL/TLS
Wireshark is an extremely powerful tool for analyzing the conversations your computer is having over the network. When an application’s logs come up empty, Wireshark is often the best way to figure out what’s going with software. When …
You may be also interested in reading our other resources...
Learning Center
View more resources on cyber security, encryption and the internet.
Helpful Guides
View more Guides, FAQs and information to help with your Certificate purchases.