Well, let’s first talk about registered domains. These are the domains where you register the domain root to an approved top-level domain (TLD) through an online registry such as example.com. Once you have example.com registered, then you can support Web servers such as www.example.com.
A non-registered domain name does not have a root domain that has been registered. Examples are:
There are security issues with using a publicly trusted SSL certificate that has a non-registered domain. As such, the CA/Browser Forum has deprecated these certificates and requires CAs to do the following:
There are two recommended solutions:
Entrust can assist with both.
Planning to use only FQDNs could be a wise decision. The advantage is that root certificates, which the trust is based upon, are delivered by the operating system or the browser. You don’t need to worry about root certificate distribution.
The disadvantage is changing domain names could take an extended period of time as the names may even be hard coded into your application software.
Using privately trusted SSL certificates would enable you to continue to use the non-registered domain names you currently have, but you will need to also distribute the root certificate.
Entrust is launching Private SSL Certificates that will provide the following:
We’ll release additional information about Entrust Private SSL Certificates as we get closer to availability. If you’d like to know more right away, feel free to contact your Entrust Certificate Services sales representative directly or call 1-866-267-9297.