Site icon SSL.com

Certificate Authority Security Best Practices Guide for Branded Resellers: Comprehensive Security Measures

Introduction

As a leading Certificate Authority (CA) and a trust services company, we prioritize the security and trustworthiness of our digital certificates and our identity validation procedures. This guide is focused on our branded reseller partners who hold subordinate certificate authorities chained to SSL.com’s trusted root (referred to as “subCAs”) and are responsible for collecting validation evidence, submitting it to our registration authority portal, and facilitating the issuance of certificates from the partner-branded subCAs that are managed by SSL.com. The purpose of this guide is to ensure the integrity and security of the validation evidence submission process and the certificate lifecycle, for resellers do not have direct access to root material and can only interact with certificate lifecycle operations through a designated API or through an account in the registration authority (RA) portal managed by SSL.com.

Secure Collection of Validation Evidence for Extended, Organization and Individual Validation Types


Safe Submission of Validation Evidence to Root CA


Best Practices for Using the Certificate Lifecycle Operations API

Maintaining a Secure Website


CA/B Forum Network and Certificate Systems Security Requirements

Promoting End User Best Practices with Private Key Generation, Storage, and CSRs


Secure Storage of Private Keys

The trust in our CA and our branded resellers is paramount. By adhering to these comprehensive best practices, we can ensure the security and integrity of the certificate issuance process, protect user data, and maintain the trust of our end-users. We encourage all our resellers to implement these practices diligently and reach out to us for any further guidance or clarification.
Exit mobile version