Changes Affecting Xolphin as of 15 February 2024

Xolphin is now part of Sectigo. As part of our ongoing strategy to leverage the latest technology in our validation processes, and to improve Xolphin customers' validation times, Sectigo is updating the Xolphin platform and APIs. This means, however, that API changes are coming to Resellers who sell OV/EV SSL and Code Signing certificates issued by Sectigo.

For more information see our guide. For questions contact Xolphin Support.

Terminology

  • Cryptograpic algorithms are being used to encrypt and decrypt messages. This enables two parties to communicate safely, without someone reading along. What is an algorithm? In essence, an algorithm consists of instructions ...

    More

  • The CAA record is a DNS record type that allows domainname owners extra control over SSL certificates that can be issued for their domains. You define which CA is allowed to issue what type of certificates, if any, for your d...

    More

  • A CA provides services in the field of certificate issuing and electronic signatures, where it acts as a Trusted Third Party. A CA is responsible for the validation of certificate requests, issuing certificates, revocation of...

    More

  • A Certificate Revocation List (CRL) is a list of certificate serial numbers that have been revoked, no longer valid and can not be trusted anymore by users. A CRL will be created periodical. The CRL will be published frequen...

    More

  • When requesting an SSL Certificate, a CSR (Certificate Signing Request) is required. The CSR is encrypted text containing information about the certificate that needs to be requested. For each certificate request a new CSR is...

    More

  • Certificate transparency is a Google initiative. Google Chrome uses Certificate transparency to check if a SSL certificate has been issued legitimately. How does Certificate Transparency work? Certificate Transparency (CT) ...

    More

  • DNSSEC is an extension of the current DNS protocol, which adds security to the use of domain names. All domain names can make use of this technology, but have to request use of it through the registrar of the domain first. DN...

    More

  • ECC
    What is ECC (Elliptic Curve Cryptography)? Elliptic Curve Cryptography (ECC) is an algorithm which can be used as an alternative for RSA (RSA is currently the most used algorithm for SSL). ECC keys are harder to crack compar...

    More

  • An EV SSL certificate gives websites a professional and trustworthy appearance. By making the company data visible, visitors are able to see within a mouseclick whom they do business with. The EV certificates of Sectigo are c...

    More

  • From May 25 2018 the General Data Protection Regulation (GDPR) is a fact. From this date on the same privacy regulations are applicable throughout the entire EU. Anyone who collects and processes personal data through a websi...

    More

  • HTTP Strict Transport Security (HSTS) is a server setting that enforces a secure HTTPS connection. Why HSTS? After installing an SSL certificate, a website can be reached through an HTTPS connection. This way, data is trans...

    More

  • With a Multi Domain Certificate it's possible to secure multiple domain names and subdomains in one certificate. This type of certificate is also known as an SAN- or UCC (Unified Communications Certificate) certificate. Requ...

    More

  • For safe use of digital certificates, a careful check on the validity of the certificates is very important. This validity check can be made using a Certificate Revocation List (CRL) or the Online Certificate Status Protocol ...

    More

  • To be able to safely use digital certificates, it is vitally important they are carefully checked for validity. This check can be done using a CRL or an OCSP. How does OCSP work? OCSP (Online Certificate Status Protocol) is...

    More

  • Reissuing a certificate means the certificate is issued again, (well) before its expiration date. The duration of the certificate remains the same, unless it has a term longer than 13 months after September 1 2020 at the mom...

    More

  • A root certificate identifies a Certificate Authority. With this root certificate a CA signs one or more subordinate certificates, that sign the SSL certificates of end-users. A webbrowsers contains a list with root certifica...

    More

  • Server Name Indication is an extension of SSL and TLS which indicates which host name the client wishes to establish a connection with at the start of the handshaking process. This enables the server to present several certif...

    More

  • The National Institute of Standards and Technology (NIST) adviced to change to SHA-2 for issuing digital certificates. The SHA-family is developed by the NIST and is used by Certificate Authorities (CA's) for signing certifi...

    More

  • There are virus scanners on which users can enable the ability for safe browsing. Once used, the secure HTTPS:// connection from the website will be intercepted. Method An SSL certificate will be trusted by a browser once t...

    More

  • This article describes the encryption protocols SSL and TLS and the TLS Handshake that is required for setting up an HTTPS connection. SSL and TLS The encryption protocols Secure Sockets Layer (SSL) and it's sibling Transpo...

    More

  • Many applications need passwords for logging in, and the number of applications is steady growing. People tend to use either one password for all applications, or a separate password per application, but have that written dow...

    More

  • With Two-Way SSL, both client and server authenticate each other to ensure that both parties involved in the communication are trusted. In this mutual authentication process, the client and server share their public certifica...

    More

  • What is a wildcard SSL certificate and where can you use it for? A Wildcard Certificate secures every subdomain on a root domain. When using a Single Domain certificate, it will be connected with a specific (sub)domain, for e...

    More

SSLCheck

Our SSLCheck will examine your website's root and intermediate certificates for correctness and report any potential issues

point up