Contact Us

Chat With Us

We are here for you!
Talk to a fellow human.


United States

+1-888-266-6361

International

+1-914-732-8446
Blog Posts Mar 13, 2019

All Sectigo Public Certificates Meet 64-Bit Serial Number Requirements

Industry PKI experts recently have discovered a flaw in certificate generation practices that employ the commonly used EJBCA CA tool, which can result in serial numbers with 63 bits of entropy as opposed to the 64 bits required by public certificate guidelines. News reports indicate that several certificate issuers are affected. We would like to clarify that NO active public certificates from Sectigo are subject to this flaw.

Industry PKI experts recently have discovered a flaw in certificate generation practices that employ the commonly used EJBCA CA tool, which can result in serial numbers with 63 bits of entropy as opposed to the 64 bits required by public certificate guidelines. News reports indicate that several certificate issuers are affected.

We would like to clarify that NO active public certificates from Sectigo are subject to this flaw. You can continue using your certificates under the Sectigo, Comodo, InstantSSL, PositiveSSL, and EnterpriseSSL brands with no change or reissuance required.