Hong Kong Finance

Oct 1 2017

Install Intermediate Certificate #root #ssl #certificate


#

Customer Support Install Root Certificate

AlphaSSL Certificates are trusted by all browsers and mobile devices. AlphaSSL also adopts a high security model which means that you need to install a single Intermediate Certificate on your web server. Your customers do not need to install anything as AlphaSSL is issued from a highly trusted and widely distributed trusted Root CA certificate. Please select your Webserver from the list below and follow the instructions.

Download the Root Certificates here (Right Click Save-as):

Root CA
crt DER Format | .pem Format | .txt Format – this root CA certificate does not need need to be installed on your webserver

AlphaSSL Intermediate CA
Copy and Paste ALL characters from the appropriate box below into a text editor and Save to your server as per your Server installation instructions.

Be sure to include the —–BEGIN CERTIFICATE—– and —–END CERTIFICATE—– lines.

SHA-256 – Orders March 31, 2014 and After

AlphaSSL SHA-256 R1 Intermediate Certificates
AlphaSSL CA – SHA256 – G2
SHA256 – RSA – 2048
Valid until: 20 February 2024
Serial #: 04 00 00 00 00 01 44 4e f0 36 31
Thumbprint: 4c 27 43 17 17 56 5a 3a 07 f3 e6 d0 03 2c 42 58 94 9c f9 ec

SHA-256 Orders Prior to March 31, 2014

AlphaSSL SHA-256 R3 Intermediate Certificates
AlphaSSL CA – SHA256 – G2
SHA256 – RSA – 2048M
Valid until: 02 August 2022
Serial #: 04:00:00:00:00:01:31:89:c6:39:dc
Thumbprint: ae:bf:32:c3:c8:32:c7:d7:bc:55:99:b1:aa:05:fb:6c:f4:d9:29:4c

SHA-1 – For Installation On or After June 26 2011

Valid until: 11 April 2017
Serial #: 04:00:00:00:00:01:1e:44:a5:f3:65
Thumbprint: b4:a0:38:53:e0:1c:73:53:4f:bb:bc:b4:4b:3a:e8:9a:79:84:13:27

SHA-1 – For Installation Prior to June 26 2011

Valid until: 11 April 2017
Serial #: 04:00:00:00:00:01:1e:44:a5:f3:65
Thumbprint: b4:a0:38:53:e0:1c:73:53:4f:bb:bc:b4:4b:3a:e8:9a:79:84:13:27

What are Intermediate CA certificates?
All customers installing an AlphaSSL Certificate will need to install the Alpha CA Intermediate CA onto their web servers. The installation needs to only be conducted once. Once installed, all browsers, applications and mobiles will trust AlphaSSL Certificates transparently. The Intermediate CA certificate needs only be installed on the web server and does NOT need to be installed by visitors to your web site.

Why does AlphaSSL use an Intermediate CA certificate?
AlphaSSL has always adopted a high security model when issuing digital certificates. We use a trust chain that ensures that the primary root CA used to create the Alpha CA Intermediate CA (i.e. the GlobalSign Root CA certificate that is pre-installed with all browsers, applications and mobiles) is offline and kept in a highly secure environment with stringently limited access. This means the root CA is not used to directly sign end entity SSL Certificates, as such AlphaSSL employs a best practices approach for it Public Key Infrastructure therefore protecting against the major effects of a key compromise . For example, a key compromise of the primary Root CA would render the root and all certificates issued by the root untrustworthy, and because we keep our root offline this (somewhat unlikely event) is significantly less likely to happen.

The use of Intermediate CAs is utilized by all major Certification Authorities because of the extra security level they provide.

Copyright AlphaSSL. All RIghts Reserved.


Written by admin


Leave a Reply

Your email address will not be published. Required fields are marked *