hero-blog-1

Industry News

Let’s Encrypt Pauses Certificate Issuance After Internal Error

On May 8, 2026, Let’s Encrypt temporarily stopped issuing certificates after detecting an internal error in its certificate system. Existing certificates remained valid, but new requests and automated renewals were affected during the interruption. Service was later restored after Let’s Encrypt changed the affected issuance path. What Happened Inside Let’s Encrypt? The interruption traced back […]

SHA-1 Is Finally Being Removed from the Last Corners of PKI

On January 24, 2026, the CA/Browser Forum approved a ballot to fully sunset the remaining uses of SHA-1 signatures within the public certificate ecosystem. The change targets edge cases that survived long after SHA-1 was deprecated from regular TLS certificates. This is not a reaction to a new cryptographic break. SHA-1 has been considered unsuitable […]

Code-Signing Trust Window Shrinks to 460 Days

Code-signing certificates will soon get much shorter lifespans. A new industry rule approved on 17 November 2025 cuts their maximum validity from 39 months to 460 days, effective 1 March 2026. The change appears in the updated Code Signing Baseline Requirements v3.10.0.

Council Services Down After London Cyberattack

Three of London’s most high-profile councils were thrown into disruption last week after a cyberattack struck their shared IT systems, knocking critical services offline and forcing an urgent response from national security agencies.

Why the SSL Green Bar No Longer Exists?

The SSL certificate green bar was once a premium and exclusive feature of Extended Validation certificates. It displayed the company’s official name next to the URL, providing users instant assurance about the site’s authenticity. But as with everything online, advancements and progress in HTTPS adoption caught up with the green bar and forced industry decision-makers […]

OV Code Signing Certificates to be Issued on Real Devices

OV Code Signing certificates are to software developers like SSL certificates are to a website. Without them, the publisher remains unknown, while the code is highly susceptible to cyber-attacks. As is with any PKI product, protecting Code signing keys is essential. But just like with regular SSL certs, sometimes the keys fall into the wrong […]

Microsoft 365 services to replace Root Certificate in 2025

Root SSL certificates are at the core of the SSL chain of trust. Certificate Authorities use them to issue server certificates to end-users. Browsers and apps include root certs in their installation pack and can swiftly revoke them during security incidents. CAs replace root certificates well in advance before they expire. Certificate Authorities store the […]

Apple and Meta Caught in a Data Leak Blunder

Apple and Meta are two companies you least expect to be scammed. But it’s not the first time Big Tech giants are making the headlines for the wrong reasons. This time, hackers pretending to be law enforcement officials obtained customer data from the two powerhouses. The same group has also targeted Snap Inc and the […]

Organizational Unit Fields to be Removed from SSL Certificates

Since the introduction of SSL by Netscape in 1994, digital certificates have grown along with the entire Web. Through trials and errors, innovations, and adjustments, the SSL certificates have been constantly refined to meet the most rigorous security needs. The reduction of SSL validity to just one year and the removal of the green address […]

Firefox SSL Error Makes Microsoft.com Unaccessible

SSL errors are never a pretty sight. You may encounter one in the most unexpected places, as no one is “immune” from them, even powerhouses such as Microsoft. This week, Mozilla Firefox web browser users could not access Microsoft.com and its subdomains. Reports worldwide indicated that the error stemmed from Firefox itself, as all Microsoft […]