NoticesOn November 29, 2016 the price of wildcard certificates will change from 2 units to 4 units. Your current certificates will not be affected.
SHA-1 certificates will trigger warning in new edition of Chrome
Google has phase out support for certificates using a SHA-1 hashing algorithm with production version of Chrome version 39 as of November 2014.
This effects any SHA-1 certificates that expire beyond December 31, 2015.
You can check your certificate via Thawte's SSL toolbox at:
If successful you will get the message:
Certificate installation successfully checked
If there are issues you will get the message:
Certificate installation check failed
Minimum RSA key bit length
Beginning in January 2012, 2048-bit RSA keys will be required and enforced for all new multi-year SSL certificates.
After December 31, 2013, the industry is discontinuing the use of 1024-bit RSA key lengths on all SSL certificates, per
NIST Special Publication 800-131A. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-131a.pdf
Private Internet Protocol (IP) addresses and Internal Server Names
Certificates with validity end dates on or after November 1,
2015 cannot contain any private IP addresses or Internal Server Names in their CN or SAN fields.
To keep certificates in compliance, Thawte systems will automatically prevent certificate enrollments or renewals which could conflict with this date requirement.
Certificate Life Span
Effective April 1, 2015 Thawte will issue only certificates with 1, 2, and 3-year validity periods.
Published on and maintained in Cascade CMS.