Blog about digital certificates, CAs, and security
Shortening Certificate Validity: Automation is a Must
The TLS certificate landscape is changing rapidly. Shorter lifetimes and increased pressure for automated validation are reshaping current practices. With early changes from DigiCert and Google pushing automatic domain validation, automation is no longer…
Jan 23, 2026 | Jindřich ZechmeisterFrom the latest articles
DigiCert introduced the ACME client DC-ACME for automation.
The new DC-ACME ACME client from DigiCert enables automatic certificate renewal without third-party tools. You therefore do not need to rely on Certbot or other programs. You can easily obtain the ACME EAB credentials in your SSLmarket account and start…
Jan 2, 2026 | Jindřich ZechmeisterSafer Software with Signing Transparency: What's New from Microsoft
Microsoft introduced Signing Transparency — a cryptographically verifiable transparent log that increases trust in software and protects against attacks on the software supply chain. Learn how this technology is changing the way signed artifacts are verified.
Nov 28, 2025 | Jindřich ZechmeisterACME and EAB: Support for Web Servers (Status as of 10/2025)
Learn how to use ACME and EAB to automate TLS certificates. We compare support on Nginx, Apache, LiteSpeed, and others, tips for DigiCert, and hassle-free implementation.
Oct 14, 2025 | Jindřich ZechmeisterClient authentication in TLS certificates will soon end.
DigiCert has announced that it will gradually discontinue support for the extended use of Client Authentication in its public TLS certificates. The change does not affect the normal use of certificates for HTTPS, but will affect scenarios such as Mutual…
Jul 25, 2025 | Jindřich Zechmeister