End of an era: securing local domains with SAN

Soon, all CAs will stop issuing SANs (subject alternative names) for local (internal) domains.

This is industry-wide and is to satisfy the CA/Browser Forum’s new rules.

SSL247 only supplies certificates from best-practice CAs (Symantec and Globalsign, who are stock-exchange listed and own their own, stable roots) who are acting on the new CAB Forum rules with their usual dilligence.

The following changes are taking place for these two CAs:

  • From today (28th May 2012), GlobalSign will not issue any Domain Validated SSL for local domains.
  • From 1st July 2012, for local domains, Symantec SAN and Globalsign OV and EV (Organisation Validated and Extended Validation) SAN must have an expiration date before 1st November 2015.
  • Symantec and GlobalSign will revoke SAN for local domains from 1st October 2016.

“This change means that the rules governing SSL issuance are being tightened, and as advocates of SSL best practice since 2004, we welcome this change. We are also – as ever – here to fully support our clients through this transition too.” (Frank Epinette – SSL247’s Sales Director).

For more information on how this affects your certificates, and/or your SSL purchasing for the next few years, please contact your friendly Account Manager or any of our other SSL Consultants on 0203 143 4120 or email sales@ssl247.co.uk.

Share this:

Posted on Monday 28 May 2012 by Matthieu Guille

Return to blog

Send us your comments


Your comment will not be published. If you have a question, do not forget to write your email address so that we can get back to you!