Privately Trusted SSL Certificates
Entrust Private SSL certificates enable the continued use of non-registered domain names. This new type of certificate provides the same key sizes, signing algorithms, validity periods and CA protection as Entrust’s proven publicly trusted SSL certificates — but are issued via a privately shared CA that protects you from possible impersonation attacks by ensuring no two certificate names are alike.
Specification
| Used when you need | SSL/TLS Security to support Non Fully Qualified Domain names for internal server | |
|---|---|---|
| Visual Indicators |  | |
| Validation | OV (Organization Validation) | |
| Key Usage | Server to Server Auth | |
| Secures both www.domain.com & domain.com | N/A | |
| Base Number of Names (domains included) | 1 | |
| Additional Names (optional $) | Up to 250! non-FQDN’s or FQDN’s | |
| Examples (when GREEN, you can purchase up to 250 SANs) | CN=intranet.domain.com SAN1=intranet.domain.com SAN2=www.entrust.com SAN3=www.test.com SAN4=intranet SAN5=mail | |
| Malware Scan | N/A | |
| Site seal with real time status check | N/A | |
| Management console with free reissues and unlimited server licensing |  | |
| RSA + ECC 2048 bit / 3072 bit / 4096 bit | | |
| Elliptic curve cryptography (ECC) | N/A | |
| Desktop and mobile device compatibility | N/A | |
| Volume discounts and 30 day refund | | |
| SHA-2 signing | | |
| Intel AMT/Vpro | N/A |
What are Your FQDN Certificate Options?
- Switch to FQDNs, Keep Public SSL Certificates
Switch to fully qualified domain names (FQDNs) and continue to use public SSL certificates. Root certificate trust is automatically delivered by the operating system or the browser without your IT involvement. Properly changing domain names, however, could take an extended period of time — or even break existing integrations — as they may be hard-coded into existing applications. - Use In-House, Self-Signed Certificates
Organizations who require total control may choose to use a dedicated privately trusted CA to deploy non-public SSL certificates for internal security. Offload the burden of managing your own CA by implementing a managed PKI from Entrust. This hosted approach offers the same proven certificates as an in-house PKI without added expense or need to employ an expert staff. You are, however, leaving certificate policy to individual admins, which serves as a disadvantage to most companies. - Switch to Entrust Private SSL Certificates
Migration to Entrust Private SSL Certificates enables the continued use of non-registered domain names. This new type of privately trusted certificate provides the same key sizes, signing algorithms, validity periods and CA protection as Entrust’s proven publicly trusted SSL certificates — all issued via a private shared CA that ensures no two names are alike.
Front Line Encryption
Your website’s security is our number one priority. That’s why Entrust certificates feature hybrid 256-bit pre-shared and 2048-bit public key encryption in our root certificates. With support for SHA-2 algorithms, Entrust Organization SSL Certificates protect your data by offering security that benefits from the best features of both symmetric and asymmetric encryption.
Additional Benefits & Features
- Registered & Non-Registered Domains
Domains for Entrust Private SSL Certificates are registered to just one customer, further bolstering security. For additional flexibility, private SSL certificates may also include previously registered fully qualified domain names. - Unlimited Server Licensing
Like many of Entrust’s trusted SSL certificates, Entrust Private SSL Certificates may be deployed on more than one server — at no additional charge — and can be reissued as required. - Full Certificate Lifecycles
Take full control of your private SSL certificates. From revocation, reissuance and renewal, manage Entrust Private SSL Certificate lifecycles just like a standard publicly trusted SSL certificate via the Entrust Certificate Management service. - Up to 250 SAN Values
Secure up to 250 private domains via a single Entrust Private SSL Certificates. This introduces thousands of dollars in savings compared to the competition, who often limit you to 100 SAN values. - Quick Issuance
Entrust verification begins immediately based upon your certificate request, and your certificate is usually ready within 1-2 days. - Unlimited Issuance Policy and Server Licenses
Enable flexible certificate re-issuance when users lose passwords or re-image machines, and install your certificates on an unlimited number of servers - Self-Service Certificate Creation
Eliminates the wait for manual certificate issuance - Convenient Expiry Notifications
Lessens the risk of inadvertent certificate expiration - SSL Certificate Expertise
Entrust customer service experts are available to help you through every step of the certificate management lifecycle
 | Trust comes from meeting and beating your customer’s expectations. That’s why you should let your visitors know they are on a secure website with the Entrust Site Seal. Our seal makes it easy to visibly show that you have taken steps to ensure your site transactions are secure. Once you make your Entrust SSL purchase, you gain access to your individualized seal. Once you’ve posted the seal on your website, your visitors will be able to click on it and easily verify your site’s authenticity and certificate status. More |
|---|