Accesso utenti

SSL Server and Code Signing certificates

SSL Server and Code Signing certificates

The TLS protocol, often referred to with its old name SSL (Secure Sockets Layer), is the standard solution for securing on-line transactions across a wide range of services (home banking, on-line shopping, e-government, ...) and industry sectors (financial, commerce, procurement, utilities, telcos, public, and more). Thanks to TLS, two essential security functions are enabled:

  1. secure channel: all data exchanged between your website and browsers are enciphered (full session encryption), preventing eavesdropping;
  2. server authentication: end users can verify the authenticity of your website and the identity of your organization operating that website;

To enable the TLS protocol, a suitable "SSL Server" certificate must be installed on the web server, issued by a trusted third party (Certification Authority. Actalis, a major Italian Certification Authority, offers SSL Server certificates supported by all major platforms (desktop/mobile) and browsers. Furthermore, Actalis' procedures are streamlined and efficient, allowing certificates to be issued quickly.

Products

Actalis offers the following classes and types of SSL Server certificates:

Certificate feature OV-class EV-class
Validation of domain control
Validation of organization name
Extended validation of organization
Enables server authentication
Enables secure channel (encrypted session)
Padlock shown in browser
Green bar or other special UI shown in browser
Organization name shown in browser
Issued with SHA-256
Support for RSA server keys
Support for ECC server keys on request on request
Available validity periods (years) 1, 2 1,2
Can be "SAN" (multi-domain)
Can be "wildcard"

In addition to SSL Server certificates, Actalis also offers Code Signing certificates, suitable for signing a wide range of executable software (such as Java applets, installation packages, shared libraries, device drivers, etc.). Code signing allows end users and platforms to verify the integrity and authenticity of such files, thus protecting their PCs from malware. Actalis code signing certs are supported by all major run-time platforms (Windows, Java, etc.)

How to obtain your certificate

  1. carefully read Actalis' Terms&Conditions (link to be found below);
  2. send to Actalis (or to the Actalis' reseller) your purchase order or accepted quotation;
  3. fill out the Subscriber Agreement (to be found within the "Certificate Application" form - see below), have it dated and signed by a suitable Organizational Contact, then send it to Actalis; if you wish your certificate to be issued more quickly, we advise you to sign the Agreement by a digital signature (otherwise, the Organizational Contact must be contactable over the phone);
  4. if your organization has been in existance for less than 3 years, also send to Actalis a letter of Bank References (find template below);
  5. send to Actalis a suitable CSR (Certificate Signing Request, with a 2048-bit RSA key), together with a properly filled-out Certificate Specifications (to be found within the "Certificate Application" form).

User documentation

Compliance Audit 

Self-support: how to request and install your SSL Server certificate

Win­dows/IIS

(*) This is normally not necessary, unless auto-updates are disabled on your server.

Apache

Self-support: how to request and install your Code Signing certificate

Or­a­cle Java

MS Win­dows

Ap­ple OSX

How to revoke your certificate

To request revocation of your certificate, go to https://​extwebra.​actalis.​it/​portal/​ and log in using the credentials that we sent you by email. Keep in mind that revocation is mandatory under some circumstances (please read our CPS carefully).

Problem reporting

To report problems related to SSL Server or Code Signing certificates issued by Actalis, you may:

  • send an email to cert-problem at actalis.it (we commit to timely read that mailbox during working hours only),
  • or - IN EMERGENCY ONLY - call our telephone number +39-0575-050.376 (please keep in mind that we do not provide technical support at that number: we only take charge of problems related to already issued certificates).

By "problems" we mean events or situations that - if confirmed - justify an urgent action by Actalis, such as the compromise of the owner's private key, a court order, the criminal use of the certificate (e.g. for phishing, or malware distribution), and so on. Depending on the problem severity, Actalis may decide to revoke the certificate, as provided for in the CPS.

You must provide at least the following information, when reporting a problem to Actalis, or your alert will be ignored:

  • your full name
  • your phone number
  • description of the alleged problem
  • enough information to identify the offending certificate

If the problem reporter claims to represent the certificate holder organization, he/she must prove that by answering some questions.

Warning: customer support is not provided through the phone number and the email address mentioned above. Support requests received via those channels will be ignored and will not receive an answer.

Reminder: if you are the certificate owner, you can at any time revoke your own certificate, by yourself, via the web interface at https://extwebra.actalis.it/portal/, after logging in with the credentials that have been sent to you at certificate issuance time.

  • Maximum certificate lifetime as of March 1st, 2018
    As determined by the CA/Browser Forum, starting from March 1st, 2018, the maximum lifetime of SSL Server certificates will be 825 days. As of that date, Actalis will issue SSL Server Certificates with a maximum validity of 2 years, net of the grace period for renewal.

Supported Browsers and Platforms

Find below the platforms and browsers currently supported by Actalis SSL Server certificates (root: “Actalis Authentication Root CA”).

Desktop platforms (for PCs)

  • Windows: XP SP3 (for SSL certs only), Windows Vista, Windows 7, Windows 8 e 8.1, Windows 10
  • Apple OS X: 10.6.8 and newer
  • Linux: all main distributions (e.g. Ubuntu, Fedora, etc.)

Tablet/Smartphone platforms

  • Android 4.4.3 and newer
  • Apple iOS 7 and newer
  • Windows RT, Windows Phone v8+
  • BlackBerry OS v10
  • Chrome OS
  • Firefox OS

Desktop browsers

  • Microsoft Internet Explorer v8+ (Windows)
  • Microsoft Edge (Windows 10)
  • Mozilla Firefox v17+ for Windows, OSX, Linux
  • Google Chrome for Windows, OS X, Linux
  • Apple Safari for OS X
  • Opera for Windows, OS X, Linux, Solaris
  • Konqueror (Linux)

Mobile browsers

  • Android: native browser, Chrome, Firefox, Opera, Dolphin, …
  • iOS: Safari, Chrome, Dolphin, …
  • Windows Phone: Internet Explorer
  • BlackBerry: native browser, Opera

Browser for Java phones

  • Opera Mini

Server platforms

  • Windows Server 2008 and newer
  • Linux: all main distributions (e.g. Red Hat, CentOS, Debian, ecc.)

Java run-times

  • Oracle JRE/JDK v1.8.0_51 and newer
  • OpenJDK v1.6.0_33 (IcedTea) and newer
  • Apple Java 6 for OSX v1.6.0_65 and newer
Contatta i nostri esperti
*:
*:
*:
*:
:
*:
*:
:
*:
*:
*:

Consenso al trattamento dei dati personali *

Dichiaro di aver preso visione dell'Informativa privacy resa ai sensi dell’Art. 13 Regolamento Europeo 679/2016 e di rilasciare il consenso al trattamento dei dati personali per le finalità ivi indicate e di essere consapevole che, in mancanza di rilascio del consenso a tale trattamento, potranno trovare applicazione le disposizioni indicate nella predetta Informativa.

Confermo di essere maggiorenne secondo la normativa vigente nello stato a cui appartiene il fornitore del servizio.

*:
 Security code
(*) Campi obbligatori