Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

Advertisement

Don't Let Your Digital Certificates Expire

Written by  Oct 03, 2019

X.509 certificates help secure the identity, privacy, and communication between two endpoints, but remember that these digital certificates have built-in expiration.

Trusted relationships of any nature must be monitored. Digital certificates – a standardised, encrypted exchange of credentials between two endpoints – are the medium for managing trust online for the last 20+ years.

Digital certificates aren't technically complex, but they do have a built-in expiration date that if ignored can bring operations to a grinding halt. While most users manage their certificates manually, there are a range of products and services available today that can do this for you.

Certificates have evolved in the past few years as essential for all websites, thanks to a change in Google's search algorithms that give greater preference to URLs using digital certificates (the green padlock on websites).

In addition to Google search changes, the Internet of Things (IoT) is also making the market more active. Digital certificates are increasingly being used by organisations to better secure a huge range of IoT's devices, experts say.

"Every IoT device needs a certificate to pair up with the mothership that [shows] all the rights and protections are there," says Andrew Webber, senior analyst at Copes.

According to recent statistics the 2018 global market value of digital certificates are worth around £62 million, forecasted to grow about 10% annually to £101 million in 2023, according to Research and Markets.

Their purpose

Basically, digital certificates help organisations ensure identity, privacy, or both. They establish "mutual nonrepudiation"; a sender can't deny sending a message or transaction, and a receiver can't deny receiving it. While a would-be user can create his own digital certificate, an individual or an organisation more typically applies to a trusted third-party called a certificate authority.

Using the X.509 standard, which is essentially an encryption standard for how Public Key Infrastructure (PKI) information gets formatted and exchanged, the certificate gets issued for a fee with a number of unique criteria, including a serial number, subject (applicant's name), usage information, as well as public key, associated signature algorithm, and the signature of the issuer.

The certificate also contains "not before" and "not after" fields, which specify how long it's valid. The maximum term of a digital certificate is 825 days, though most CAs will limit the term to 2 years to allow for inadvertent expiration.

Modern digital certificates use the Transport Layer Security (TLS) as the means for two entities to exchange PKI information and verify the integrity of their connection. Secure socket layer (SSL) is still used in some cases but really shouldn't be as it does not offer the same level of security.

Managing Your Certificates

Certificates are often managed by simply using a spreadsheet.

If your workload is vast, a variety of digital certificate management products are available from vendors including Webroot and CyberReason. They ensure certificates are renewed before their expiration dates and promise seamless security and connectivity.


Do you find this article useful? Comment below...

Paul Anderson

Our Cyber world tech journalist, Paul specialises in Cyber Security having worked in the field for over 5 years and has previous Tech admin roles to his credit. Applying Cyber tech to office use and sharing Cyber related articles are what Paul offers us. He is very experienced and his contribution is invaluable.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.

Advertisement
isnlogo

Popular in Technology

IT Security

Error: No articles to display

Office Tech

Error: No articles to display

Mobile Tech

Error: No articles to display