Skip to main content
  • EDC Logo
  • Solutions
  • Products
  • Partners
  • Support & Services
  • Resources
  • About
  • Search
  • Contact Sales
    • Contact an Expert
    • Get Support
    • Solutions
      • Strong Identities
        1. Identity Verification
          Enable high assurance identities that empower citizens.
        2. ID Issuance
          Issue safe, secure digital and physical IDs in high volumes or instantly.
        3. User Identity
          Elevate trust by protecting identities with a broad range of authenticators.
        4. Machine Identity
          Issue and manage strong machine identities to enable secure IoT and digital transformation.
        5. Digital Signature
          Use secure, verifiable signatures and seals for digital documents.
      • Secure Payments
        1. Financial Issuance
          Issue digital and physical financial identities and credentials instantly or at scale.
        2. Digital Card Solution
          Issue digital payment credentials directly to cardholders from your bank's mobile app.
      • Trusted Infrastructure
        1. Post-Quantum Cryptography
          Find, assess, and prepare your cryptographic assets for a post-quantum world.
        2. Database Security
          Secure databases with encryption, key management, and strong policy and access control.
        3. Multi-cloud Security
          Keys, data, and workload protection and compliance across hybrid and multi-cloud environments.
    • Industry
        1. Financial
        2. Government
        3. Education
        1. Enterprise
        2. Healthcare
        3. Retail
    • Compliance
        1. PSD2
        2. HIPAA
        3. GDPR
        4. Swift
        1. CMMC
        2. eIDAS
        3. NITES
    • Featured Products
      • As a Service Products
        1. Identity Verification as a Service
          Citizen verification for immigration, border management, or eGov service delivery.
        2. Identity as a Service (IDaaS)
          Cloud-based Identity and Access Management solution.
        3. Digital Signing as a Service
          Cloud-based digital signing solutions.
        4. Instant ID as a Service
          Issue physical and mobile IDs with one secure platform.
        1. Digital Card Solution
          Instantly provision digital payment credentials directly to cardholder’s mobile wallet.
        2. PKI as a Service
          A highly secure PKI that’s quick to deploy, scales on-demand, and runs where you do business.
        3. nShield as a Service
          Subscription-based access to dedicated nShield HSMs for cloud-based cryptographic services.
        4. Seamless Travel as a Service
          Remote identity verification, digital travel credentials, and touchless border processes.
        1. Instant Financial Issuance
          In-branch and self-service kiosk issuance of debit and credit cards.
        2. Central Financial Issuance
          High volume financial card issuance with delivery and insertion options.
        3. Instant ID Issuance
          Secure issuance of employee badges, student IDs, membership cards and more.
        4. Central ID Issuance
          Passports, national IDs and driver licenses.
        5. nShield HSMs
          Securely generate encryption and signing keys, create digital signatures, encrypting data and more.
        1. Cloud Security, Encryption and Key Management
          Powerful encryption, policy, and access control for virtual and public, private, and hybrid cloud environments.
        2. Digital Certificates
          TLS/SSL, digital signing, and qualified certificates plus services and tools for certificate lifecycle management.
        3. Identity and Access Management (IAM)
          One Identity portfolio for all your users — workforce, consumers, and citizens.
        4. Machine Identity Management
          Centralized visibility, control, and management of machine identities.
        5. Post-Quantum
          Learn what steps to take to migrate to quantum-resistant cryptography.
    • Enterprise ID & Issuance
      • Instant ID as a Service
        Issue physical and mobile IDs with one secure platform.
        Learn More
      • Instant Issuance
        1. Sigma Direct-to-Card System
        2. Artista Retransfer System
        3. System Software
          Personalization, encoding and activation.
        4. Supplies
        5. Services
    • Financial ID & Issuance
      • Digital Card Solution
        Instantly provision digital payment credentials directly to cardholder’s mobile wallet.
        Learn More
      • Digital Banking
        1. Digital Account Opening
        2. Digital Card Solution
      • Instant Issuance
        1. Sigma Direct-to-Card System
        2. Artista Retransfer System
        3. System Software
          Personalization, encoding and activation.
        4. Supplies
        5. Services
      • Central Issuance
        1. Card Issuance Systems
        2. Inline Card Delivery Systems
        3. Inline Envelope Insertion Systems
        4. Standalone Card Affixing/Envelope Insertion Systems
        5. Standalone Envelope Insertion Systems
        6. System Software
          Personalization, encoding, delivery and analytics.
        7. Supplies
        8. Services
    • Government ID & Issuance
      • Digital Citizen
        1. eGovernment service delivery
        2. Identity Verification as a Service
        3. Seamless Travel as a Service
        4. ePassport as a Service
      • Central Issuance
        1. Passports, national IDs and driver licenses.
        2. Passport Issuance Systems
        3. National ID and Driver License Systems
        4. Inline Delivery & Insertion
        5. Standalone Delivery & Insertion
        6. System Software
          ID Personalization, encoding and delivery.
        7. Supplies
        8. Services
      • Instant Issuance
        1. Other citizen IDs and licenses.
        2. Sigma Direct-to-Card System
        3. Artista Retransfer System
        4. System Software
          Personalization, encoding, delivery and analytics.
        5. Supplies
        6. Services
      • Identity Verification as a Service
        Our IDVaaS solution allows remote verification of an individual’s claimed identity for immigration, border management, or digital services delivery.
        Learn More
    • Cloud Security Posture Management
        1. CloudControl Enterprise for AWS
          Secure and ensure compliance for AWS configurations across multiple accounts, regions and availability zones.
        2. CloudControl Enterprise for Containers
          Security compliance and environmental hardening solution for contains and Kubernetes using VMware Tanzu and RedHat OpenShift platforms.
        3. CloudControl Enterprise for Swift
          Meet the compliance requirements for Swift’s Customer Security Program while protecting virtual infrastructure and data.
        4. CloudControl Enterprise for vSphere and NSX
          Comprehensive compliance, multi-factor authentication, secondary approval, RBAC for VMware vSphere NSX-T and VCF.
        5. CloudControl Foundation for vSphere
          Comprehensive compliance for VMware vSphere, NSX-T and SDDC and associated workload and management domains
      • CloudControl 30-Day Free Trial
        Entrust CloudControl offers comprehensive security and automated compliance across virtualization, public cloud, and container platforms while increasing visibility and decreasing risks that can lead to unintended downtime or security exposure.
        Start Free Trial
    • Key Management and Encryption
        1. KeyControl for KMIP and Secrets
          Manage all your secrets and encryption keys, including how often you rotate and share them, securely at scale.
        2. KeyControl BYOK
          Create and manage encryption keys on premises and in the cloud. Manage your key lifecycle while keeping control of your cryptographic keys.
        3. KeyControl for Database Encryption
          Integrates with your database for secure lifecycle management of your TDE encryption keys.
        4. KeyControl for Backup and Recovery
          Integrates with your backup and recovery solution for secure lifecycle management of your encryption keys.
        1. DataControl for Azure
          Data encryption, multi-cloud key management, and workload security for Azure.
        2. DataControl for AWS
          Data encryption, multi-cloud key management, and workload security for AWS.
        3. DataControl for IBM Cloud
          Data encryption, multi-cloud key management, and workload security for IBM Cloud.
      • KeyControl 30-Day Free Trial
        VMware vSphere and vSAN encryption require an external key manager, and KeyControl is VMware Ready certified and recommended. KeyControl enables enterprises to easily manage all their encryption keys at scale, including how often keys are rotated, and how they are shared securely.
        Start Free Trial
    • Hardware Security Modules (HSM)
      • nShield as a Service
        1. Subscription-based access to dedicated nShield Cloud HSMs.
      • nShield HSMs
        1. nShield Connect
          Networked appliances that deliver cryptographic key services to distributed applications.
        2. nShield Solo
          PCI-Express card-based HSMs.
        3. nShield Edge
          Personal, USB-connected desktop HSMs.
      • Management and Monitoring
        1. nShield Monitor
        2. nShield Remote Administration
      • CodeSafe
        1. SDK for securing sensitive code within a FIPS 140-2 Level 3 certified nShield HSM.
        2. Post-Quantum SDK
      • Software Option Packs
        1. Web Services
        2. Container Deployment
        3. Database Security
        4. Signature Activation Module
        5. Cloud Integration (BYOK)
        6. Double Key Encryption for Microsoft
        7. Time Stamping
      • Compliance and Certification
        1. FIPS 140-2/140-3
        2. Common Criteria
        3. eIDAS
        4. NIST 800-53
        5. GDPR
        6. PSD2
        7. HIPAA
        8. PCI-DSS
        9. NITES
      • Why you need an HSM
        1. Learn about all the details related to what hardware security modules offer you in security and cost savings...
        2. Learn More
      • Use Cases
        1. eIDAS QSCD
        2. PKI and Credentialing
        3. Data Security and Encryption
        4. Cloud Security
        5. Payments
        6. View All Use Cases
    • TLS/SSL Certificates
      • BUY NOW
        1. Buy Certificates
        2. Renew Certificates
      • TLS/SSL Certificates
        1. Buy Now
        2. Multi-Domain EV
        3. Standard Plus OV
        4. Wildcard OV
        5. Private
      • Qualified Certificates
        1. Request a Quote
        2. QWAC eIDAS Certificates
        3. QWAC PSD2 Certificates
      • Sales and Services
        1. Platinum Services
        2. Entrust Certificate Services
        3. Subscription Plans
        4. Knowledge Base and Support
    • Identity and Access Management (IAM)
      • Products
        1. Identity as a Service
          Cloud-Based IAM
        2. Identity Enterprise
          On-prem IAM
        3. Identity Essentials
          On-prem MFA solution for Windows users
        4. APIs and SDKs
      • Integrations
      • Testimonials
      • Workforce
        1. Single Sign-On
        2. Adaptive Authentication
        3. Multi-Factor Authentication (MFA)
        4. Passwordless
        5. Network and VPN Access Control
        6. Self-Service Password Reset
        7. PIV-Compliant Government Mobility
        8. View All
      • Consumer and Citizen
        1. Passkeys
        2. Identity Orchestration and Management
        3. Digital Onboarding
        4. Adaptive Authentication
        5. Multi-Factor Authentication (MFA)
        6. Passwordless
        7. API Protection and Role-Based Access Control
        8. Single Sign-On
      • Get Entrust Identity as a Service Free for 60 Days
        Explore the Identity as a Service platform that gives you access to best-in-class MFA, SSO, adaptive risk-based authentication, and a multitude of advanced features that not only keep users secure, but also contribute to an optimal experience.
        Start Free Trial
    • Electronic and Digital Signing
      • yellow checkmark lock EU Qualified Trust Services
        In addition to our long-standing Adobe Approved Trust List (AATL) membership, we are a European Qualified Trust Service Provider for the issuance of eIDAS qualified certificates for qualified signatures and advanced seals, for PSD2 certificates and for QWACs
        Learn More
      • Cloud-Based Signing Portal
        1. Signhost is a high-assurance, identity-verified electronic signature service.
        2. Get Started for Free
        1. Signhost
        2. ID Proof
        3. ID Connect
      • Digital Signing as a Service
        1. Signing Automation Service
        2. Remote Signing Service
        3. Partners and Integrations
      • Digital Signing Certificates
        1. Buy Now
        2. Document Signing
        3. PSD2 Qualified Certificates
        4. Secure Email (S/MIME)
        5. Code Signing
      • Digital Signing Infrastructure
        1. Remote Signing Engine
        2. Signing Automation Engine
        3. Timestamping Authority
        4. Signature Activation Module
    • Public Trust Certificates
      • Verified Mark Certificate (VMC) for BIMI Verified Mark Certificates (VMCs) for BIMI
        Show your official logo on email communications. Download our white paper to learn all you need to know about VMCs and the BIMI standard.
        Learn More
      • Buy and Renew TLS/SSL Certificates
        1. Buy Certificates
        2. Renew Certificates
      • Signing Certificates
        1. Document Signing
        2. Secure Email (S/MIME)
        3. Code Signing
      • Qualified Certificates
        1. PSD2 Qualified Electronic Seal Certificates
      • Sales and Services
        1. Platinum Services
        2. Entrust Certificate Services
        3. Subscription Plans
        4. Knowledge Base and Support
    • Public Key Infrastructure (PKI)
      • PKI as a Service
        1. Use Cases
        2. Post-Quantum PKIaaS
      • PKI Products
        1. Certificate Authority
        2. Certificate Agent
        3. ePassport
        4. Validation Authority
        5. Key Recovery Server
      • Managed Services
        1. Entrust Managed PKI
        2. Managed Offline Root CA
        3. Managed Microsoft PKI
        4. nShield HSM as a Service
      • Certificate Lifecycle Management
        1. Certificate Hub
        2. Certificate Enrollment Gateway
        3. CA Gateway
      • Cryptographic Center of Excellence
        1. PKI Health Check
        2. Cryptographic Health Check
      • Try Post-Quantum PKI as a Service Now
        Get PQ Ready. PKIaaS PQ provides customers with composite and pure quantum Certificate Authority hierarchies.
        Try Now
    • Internet of Things (IoT) Security
      • Credentialing and Provisioning
        1. IoT Security
        2. PKI as a Service
        3. Code Signing
      • Machine Identity Management
        1. Certificate Hub
        2. Key Management
        3. Certificate Enrollment Gateway
        4. CA Gateway
      • Global PKI IoT Trends Study
        Find out how organizations are using PKI and if they’re prepared for the possibilities of a more secure, connected world.
        Learn More
    • Machine Identity Management
      • Lifecycle Management
        1. Certificate Hub
        2. Key Management
        3. Certificate Enrollment Gateway
        4. CA Gateway
      • Credentialing and Provisioning
        1. IoT Security
        2. PKI as a Service
        3. Code Signing
      • The State of Machine Identity Management
        A recent survey by IDG uncovered the complexities around machine identities and the capabilities that IT leaders are seeking from a management solution.
        Get the White Paper
    • Post-Quantum
      • Issuance and Provisioning
        1. PKI as a Service PQ
        2. PQ Standards and Research
      • Cryptographic Center of Excellence
        1. Crypto Health Check
        2. PKI Health Check
      • overhead view of lighted highway overpasses converging Are you ready for the threat of post-quantum computing?
        Know where your path to post-quantum readiness begins by taking our assessment.
        Begin Assessment
    • Partners
      • Become an Entrust Partner
        Our partner programs can help you differentiate your business from the competition, increase revenues, and drive customer loyalty. Consider joining one or more of our Entrust partner programs and strategically position your company and brand in front of as many potential customers as possible.
        Learn More
      • Partner Directory
        Search for partners based on location, offerings, channel or technology alliance partners.
        Search for a Partner
      • Programs
        1. PartnerPlus Channel
        2. Technology Alliance
        3. nFinity HSM Technology Program
        4. IAM Managed Solution Provider
        5. Instant Issuance and Digital Issuance Managed Solution Provider
      • Partner Logins
        1. Partner Central
        2. Entrust Certificate Services Partner Portal
        3. Entrust Certificate Services Portal
        4. TrustedCare
    • Support & Services
      • Contact Support
      • TrustedCare
        Product downloads, technical support, marketing development funds.
        Learn More
      • Digital Security Knowledge Base
        Guides, white papers, installation help, FAQs and certificate services tools.
        Learn More
      • Issuance Systems Knowledge Base
        Technotes, product bulletins, user guides, product registration, error codes and more.
        Learn More
      • PKI Professional Services
      • Cryptographic Center of Excellence
        Construct best practices and define strategies that work across your unique IT environment.
        Learn More
      • Custom Cryptographic Solutions
        1. Code Signing
        2. HSM Application Integration
      • Product Deployment Services
        1. nShield Deployment Health Check
        2. nShield Remote Administration Deployment
        3. Rapid Deployment
      • Packaged Services
        1. Code Signing Gateway
        2. Double Key Encryption Integration
        3. Tokenization Solution
      • Training
        1. nShield Certified Solution Developer Training
        2. nShield Certified System Engineer Course
        3. Public Key Infrastructure Basic Training
    • Resources
      • Issuance Systems Knowledge Base
        Technotes, product bulletins, user guides, product registration, error codes and more.
        Learn More
      • Digital Security Knowledge Base
        Guides, white papers, installation help, FAQs and certificate services tools.
        Learn More
        1. Central Card Issuance
        2. Central Passport Issuance
        3. Instant Financial Card Issuance
        4. Instant ID Issuance
        5. Issuance Software
        6. Certificate Solutions
        7. PKI and IoT
        8. Identity and Access Management
        9. Hardware Security Modules (HSM)
        10. Cloud Security, Encryption and Key Management
        1. Documentation Library
        2. Training
        3. Legal and Compliance
        4. Covid 19 Updates
        5. Russia-Ukraine Conflict
      • Entrust Cybersecurity Institute Cybersecurity Institute
        Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
        Learn More
    • About Entrust
      • Securing a World in Motion Since 1969
        We’ve established secure connections across the planet and even into outer space. We’ve enabled reliable debit and credit card purchases with our card printing and issuance technologies. Protected international travel with our border control solutions. Created secure experiences on the internet with our SSL technologies. And safeguarded networks and devices with our suite of authentication products.
        Explore Our History
        1. Leadership
        2. Blog
        3. Careers
        4. Events
        5. Webinars
        6. Podcasts
        7. News Articles
        8. Press Releases
        1. Contact Sales
        2. Contact Support
        3. Locations
      • Entrust Cybersecurity Institute Cybersecurity Institute
        Get critical insights and education on security concepts from our Trust Matters newsletter, explainer videos, and the Cybersecurity Institute Podcast.
        Learn More
    • Shop
      • Entrust Certificate Services Portal
        Existing Entrust Certificate Services customers can login to issue and manage certificates or buy additional services.
        Learn More
      • Entrust Certificate Services Retail
        Shop for new single certificate purchases.
        Learn More
      • Entrust Certificate Services Partner Portal
        Existing partners can provision new customers and manage inventory.
        Learn More
      • Instant Financial Card Issuance Supplies
        1. Registered Customer Login
        2. Request Access
    • Search Entrust
Entrust Blog › Certificate Services

SSL Review: November 2015

Bruce Morton
Bruce Morton December 3, 2015

Entrust’s monthly SSL review covers SSL/TLS discussions “” recaps news, trends and opinions from the industry.

Entrust and CA Security Council

Entrust Identity ON discussed:

  • Thwart the Holiday Humbug with These Safe Online Shopping Tips

CA Security Council discussed:

  • CA/B Forum Istanbul 2015
  • Code Signing Baseline Requirements

Hot Topics & Opinions

Malicious Code Signing —

  • Malicious Code-Signing Becomes Dark-Web Cottage Industry

Dell Delivers PCs with Root and Private Key —

  • Security Bug in Dell PCs Shipped Since 8/15
  • Information on the eDellRoot and DSDTestProvider certificates and how to remove them from your Dell PC
  • Microsoft Updates Security Tools To Address Dell Digital Certificate Issues

News & Notes

  • ACME: Better Security through Automation
  • Updated Firefox Security Indicators
  • Microsoft’s SHA-1 Deprecation Update
  • Firefox 42 … answer to the ultimate question of life, security bugs and fully private browsing?
  • Let’s Encrypt discusses, Why ninety-day lifetimes for certificates?
  • New Google Search Console Notifications For SSL/TLS Mismatch Errors
  • Dominic Lill discusses the rewards of a secure website
  • Slew of snafus threaten integrity of SSL/TLS
  • Google to Warn Recipients of Unencrypted Gmail Messages
  • Mozilla is Improving Revocation with OCSP Must-Staple and Short-lived Certificates
Tags:

  • Code Signing
  • Dell
  • eDellRoot
  • OCSP must-staple
  • SHA-1
  • short-lived certificates
  • SSL
  • SSL Review
  • TLS
  • Certificate Services
Bruce Morton
Bruce Morton / VIEW ALL OF Bruce'S POSTS Director for Certificate Services

Bruce Morton is a pioneering figure in the PKI and digital certificate industry. He currently serves as Director for Certificate Services at Entrust, where he has been employed since 1997. His day-to-day responsibilities include managing standards implementations, overseeing Entrust’s policy authority, and monitoring Entrust Certificate Services for industry compliance.

Entrust Text and Entrust Hex Logo Entrust Text and Entrust Hex Logo
Contact
  • Contact Sales
  • Contact Support
  • Find a Location
Company
  • About
  • Careers
  • Events
  • Webinars
  • Impressum
Newsroom
  • Blog
  • News
  • Press Releases
  • Cybersecurity Institute
Product Resources
  • Entrust Store
  • Resources
  • Library
  • Training
  • Legal and Compliance
  • Covid 19 Updates
Social
  • Twitter
  • Facebook
  • Instagram
  • LinkedIn
  • YouTube

  • English
  • 中文
  • Português
  • Français
  • Deutsch
  • Русский
  • 한국어
  • Español
  • Italiano
  • 日本語
  • Legal
  • Privacy Statement
  • Internet Based Ads
  • Terms of Service
  • Terms of Use
  • Company Policies
  • Cookie Preferences
  • Do Not Sell
©2022 Entrust Corporation. All rights reserved.
×

👋 Hello, if you have any
questions, I'm ready to chat.

Chat Now
Close Pre-Chat Window
Chat with Entrust

What would you like help with today?

CMMC HSM HSM Digital Certificates Digital Signing Certificates Identity and Access Mgmt PKI/IoT Instant ID Card Issuance Instant Financial Card Issuance Central Government Card Issuance Central Financial Card Issuance Central Passport Issuance

It looks like our HSM agents are not available right now.

Would you like us to contact you?

Yes No

Great! We look forward to talking with you.

Please complete this simple form and we'll have someone get in touch with you shortly.

Request an Agent Call

No problem.

If you’d like to explore HSMs on our website, here are some links to help:

View HSM Products