Monthly Archives: June 2010

Here’s a quick note on how you can use OpenSSL to verify that a private key matches a CSR or certificate. Basically, the moduli of the key, the certificate, and CSR should be the same. To make the comparison a bit easier you can compare the md5 ha… Continue reading →

As we mention in our CSR FAQ, several organisations including NIST recommend a minimum of 2048-bit RSA keys for SSL and other end-entity certs that expire after 31st December 2010. Here’s a recent blog post from Entrust on the subject. – Phil Continue reading →

When a browser is determining whether or not to trust your certificate, it checks that the domain name in the address bar matches your SSL certificate. Typically it does this by checking that the certificate’s Common Name (CN), which is specified … Continue reading →

Just to let you know, we’ve added a new check to our SSL Checker tool. It now checks that the SSL certificate being tested will be trusted by most browsers. It does this by building a certificate chain from the SSL certificate to a trusted root CA… Continue reading →

Hello World! We launched Cert Logik as a public beta a few days ago and we hope you are finding the tools useful. Please let us know how we can improve them for you, what features you’d like to see, what other tools you need, and any other feedbac… Continue reading →