While the world is pushed—or forced—toward digitizing all business processes, workflows and functions, the lessons from the early days of the Internet can be a predictor of success. Learn how Digital Trust can make or break your strategy and how the wrong solution may be setting your organization up for failure in less than three years.
Today, Google announced a vulnerability in the implementation of the SSL 3.0 protocol, potentially compromising secure connections online. DigiCert and other security experts are recommending system administrators disable SSL 3.0 on their servers and use TLS 1.1 or 1.2.
This vulnerability does not affect SSL Certificates. There is no need to renew, reissue, or reinstall any certificates.
DigiCert DOES NOT have SSL 3.0 enabled on its website or online services and is not vulnerable to the exploit.
SSL 3.0 is nearly 15 years old, but support for it remains widespread. Most importantly, nearly all browsers support it and...will retry failed connections with older protocol versions, including SSL 3.0. Because a network attacker can cause connection failures, they can trigger the use of SSL 3.0 and then exploit this issue. - Google Security Blog
For servers that have SSL 3.0 enabled, DigiCert and other security experts are recommending that you disable SSL 3.0 and use at least TLS 1.0, preferably TLS 1.1 or 1.2. Most modern browsers will support TLS 1.1 and 1.2.
Instructions to disable SSL 3.0:
If you use a hosting provider, we recommend that you call your provider and request that they disable SSL 3.0 on your server.
To protect yourself while on sites that still have SSL 3.0 enabled, you can disable SSL 3.0 client-side in your own browser. See our instructions disabling SSL 3.0 in Internet Explorer, Firefox, and Chrome.
Servers that do not have SSL 3.0 enabled are unaffected.
DigiCert is taking swift action to notify our customers and other community members of the vulnerability, and inform them of the recommended courses of action.