Trusted Security Brand

Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. They also expect the ecosystems that allow this freedom and flexibility to be entirely reliable and secure. Now, Entrust offers an expanded portfolio of solutions to make these ecosystems possible. Entrust offers software authentication platforms that strengthen security in a wide range of identity and transaction networks. As a whole, Entrust issues more than 10 million secure identities every day and manage billions of secure transactions annually.

Wide Range of Products and Services

• Secure Sockets Layer (SSL) digital certificates are electronic files that are used to identify people and resources over networks such as the Internet. Digital certificates also enable secure, confidential communication between two parties using encryption.
• Certificates are issued by a Certification Authority (CA). Much like the role of a passport office, the CA validates the certificate holder’s identity and “signs” the certificate so that it cannot be tampered with or altered.
• Entrust offers a wide range of SSL and digital certificates to meet every security need.

Entrust Service Excellence

• WebTrust Seal - Entrust was the first certification authority (CA) in the world to earn the WebTrust for Certification Authorities (CAs) Seal of Assurance from the American Institute of Certified Public Accountants (AICPA) and the Canadian Institute of Chartered Accountants (CICA). A WebTrust Seal provides you the assurance and confidence in the security of a public key infrastructure (PKI).
• Better Browser Trust - Entrust TLS/SSL digital certificates are trusted by more than 99 percent of all Web browsers in use today. From Microsoft Internet Explorer (IE), Mozilla Firefox, Google Chrome and the top mobile platforms, you can be sure Entrust TLS/SSL certificates are secure, trusted and interoperable.
• Get your SSL certificates from the best - A TLS/SSL site seal is much more than a fancy badge that websites display on their home page. The seals are actually used to verify the legitimacy of a site’s TLS/SSL certificate in real-time. You can check a TLS/SSL certificates authenticity, expiration date, certification authority and more.
• The Art of TLS/ SSL best practices - Whether you’re new to SSL or possess years of experience with the technology, it never hurts to familiarize yourself with the security standard of the Internet. Entrust offers the best certificate management, website performance, and support tools on the market. We’ve compiled a collection of resources with useful information that will help you understand the technology — and even help you make important purchasing decisions.

Ease of Doing Business

• Entrust is one of the easiest Certificate Authorities to do business with. Our customers love our dedicated sales representatives, flexible policies and integrated suite of products.

Entrust TLS/SSL Is Security

• Secure Sockets Layer (SSL) digital certificates are electronic files that are used to identify people and resources over networks such as the Internet. Digital certificates also enable secure, confidential communication between two parties using encryption.
• Certificates are issued by a Certification Authority (CA). Much like the role of a passport office, the CA validates the certificate holder’s identity and “signs” the certificate so that it cannot be tampered with or altered.

Cutting-Edge Encryption

• Your website’s security is our number one priority. That’s why Entrust certificates feature cutting-edge 256-bit encryption – the most secure encryption available – to secure your data. Entrust certificates support SHA-2 algorithms with ECC used in our root certificates, delivering the strongest security and increased performance.

Protect and Authenticate Identities in the Cloud

• The protection and authentication of digital identities is one of the key components in securing online transactions or communications. Entrust is diligent in ensuring we meet or exceed industry requirements for the issuance and management of publicly-trusted certificates and TLS/SSL Security. This added level of authentication makes it more difficult for your identity to be misused and your account compromised.

Safe Use of Wildcard Certificates

• Properly managed Wildcard Secure Socket Layer Certificates can provide increased flexibility for system administrators, but they come with increased risk. Entrust recommends using proper safeguards when deploying Wildcard certificates. Safe Use of multi-server digital certificates Properly managed, multi-server certificates can provide increased flexibility. However, they also decrease SSL Security and increase the probability of eavesdrop and impersonation attacks. Entrust recommends using proper safeguards when deploying multi-server certificates.

Entrust Legal Repository

Legal and Compliance

The vast majority of current browsers will connect seamlessly to sites secured with an Entrust TLS/SSL Certificate. Below is a list of servers and browsers which have been confirmed to work with TLS/SSL certificates from Entrust.

Extended Validation (EV) Browsers

• Apple iPhone 3.0
• Apple Safari 3.2
• Google Chrome
• Microsoft Edge
• Microsoft Internet Explorer 7+
• Mozilla 3+
• Opera 9.5+

Web Browsers

• AOL 5+
• Apple Safari 1+
• Camino 1.0+
• Firefox 1.0+
• Flock 1.0+
• Google Chrome
• Konqueror 2.2.1+
• Maxthon 2+
• Microsoft Edge
• Microsoft Internet Explorer 5+
• Mozilla 1.7+
• MSN Explorer
• Netscape 4.51+
• Opera 5+

Mobile Devices

• Access NetFront
• Android 2.0+
• Apple iOS 2.0+ (iPhone, iPad, iPod Touch)
• Brew
• Kyocera
• NTT Docomo
• Nokia phones
• Openwave mobile browser
• Opera mini
• Palm OS
• Palm Treo
• RIM BlackBerry OS
• RIM BlackBerry Tablet OS (PlayBook)
• SoftBank Mobile
• Sony-Ericsson phones
• Symbian OS based handsets (Lenovo, Nokia, Orange, Panasonic, Samsung, Siemens, Sony-Ericsson)
• TorchMobile Iris Browser
• webOS
• Windows CE
• Windows Mobile 2003+, 5+
• Windows Phone 7+

Supported Servers

• Apache (OpenSSL)
• Apache Tomcat
• Barracuda
• BEA Weblogic
• C2Net Stronghold
• Check Point
• Cisco ACE
• Cisco ACS
• Cisco ASA
• Citrix Access Gateway
• Citrix NetScaler
• Citrix Secure Gateway
• cPanel
• F5 BIG IP
• F5 Firepass VPN
• IBM HTTP Server
• IBM Websphere
• iPlanet Server
• Java Web Server (keytool)
• Juniper Secure Access VPN
• Linux Redhat
• Lotus Domino
• Mac OS X
• Microsoft Exchange 2007
• Microsoft Exchange 2010
• Microsoft Forefront TMG
• Microsoft IIS 5/6
• Microsoft IIS 7
• Microsoft ISA
• Microsoft Lync 2010
• Microsoft Office Communications Server
• Oracle Wallet Manager
• Plesk
• SAP
• Sun Java Web Server
• Zeus

Application Suites

• SeaMonkey 1.0+

Java Clients

• IBM SDK
• Oracle Jinitiator
• Sun Java (JRE J2SE J2EE JDK) 1.4.2+
• Sun Java (J2ME) 2.1+

Notes

If your client is not listed above but is supported by Entrust or if you cannot find the client you’re looking for, please contact us.

Trusted Security Focused On You

Vulnerabilities Heartbleed, POODLE, and FREAK have let the world at large know that our communications structures need better protection. There’s never been as much scrutiny of the Secure Socket Layer (SSL) and Transport Security Layer (TLS) protocols as there is today. And while scrutiny is good, it may be warranted elsewhere. Most attention is typically placed on the protocol’s vulnerabilities. But the fact that most organizations don’t realize that is, that it’s their own actions and improper deployment that are proving to be bigger challenges to the state of their security than inherent vulnerabilities in the protocols.

In many companies it seems that certificates are accounted for using some hard-to-maintain manual process, and that security breaches on secure servers are only flagged when there is wide public discovery. Security upgrades don’t seem to occur otherwise. And, we can’t say that system administrators are to blame. SSL/TLS is a deceptively simple technology. It’s not actually as easy to deploy correctly as it seems.

That’s why our SSL experts have put together Entrust’s SSL Best Practices resources, so we can help guide you to safer SSL/TLS deployment and keep you aware of all industry security news and upgrades that are available to you.

How Does TLS/SSL Work?

You’ve heard of SSL, but do you know how it actually works? If not, we’ve gathered a comprehensive primer on the history of the technology and how it’s used to secure and encrypt online transactions and communication.

How does TLS/SSL work?

Better Browser Trust

SSL/TLS is a powerful technology, but the key to ensuring your site is properly protected is correct deployment. Entrust’s TLS/SSL Best Practices guide dives deep into the complexities of TLS/SSL and teaches you the common mistakes and best practices that address today’s popular security problems/ concerns.

TLS/SSL Best Practices Guide

TLS/SSL Service and Support

If you’re not yet well-versed in TLS/SSL or if our documents didn’t cover your specific problem, Entrust has technical support services that can help answer your questions and find what you’re looking for.

Contact Support

Extended Validation Is the New Web Standard

Green is good. And EV means green. Today’s web browsers display the corporate name with a green address bar for sites protected by an EV TLS/SSL certificate. That’s what makes EV TLS/SSL certificates a consumer favorite, they offer reassurance through the green bar and other visual cues in the un-modifiable parts of the browser that the site they are visiting is legitimate.

EV TLS/SSL Certificates

The Importance of Organizational Validation

TLS/SSL certificate providers employ different methods for verifying the identities of the organization or individual purchasing TLS/SSL certificates. Entrust thinks it’s important to understand the difference between verification types.

OV vs. DV

Protect and Authenticate Identities in the Cloud

The protection and authentication of digital identities is one of the key components in securing online transactions or communications. Entrust is diligent in ensuring we meet or exceed industry requirements for the issuance and management of publicly-trusted certificates. This added level of authentication makes it more difficult for your identity to be misused and your account compromised.

Elliptic Curve Cryptography (ECC) Entrust provides innovative organizations the opportunity to deploy digital certificates using advanced ECC technology. Test your applications and services for compatibility with the advanced ECC standard.

Elliptical Curve Cryptography (ECC)

Migrating to SHA-2

Google is being proactive in strengthening the trust chains of the online community. In September 2014, the company announced that they will sunset SHA-1. This change, however, introduces necessary growing pains for global website operators. As with most aging cryptography, time is the enemy. Advances in computing power overcome cryptographic strength. In this case, SHA-1 has been determined to be weak against collision attacks.

Migrating to SHA-2