GlobalSign Blog

02 Sep 2016

A Look into Changes and Enhancements for ManagedSSL

Our goal at GlobalSign is to provide solutions for enterprises that simplify all stages of the certificate lifecycle and management process, helping reduce the time, effort and cost associated with managing multiple certificates.

GlobalSign made some new updates to our Managed PKI platform for domain and profile management for SSL Certificates, including new features and user interface (UI) enhancements.

Here’s a summary of what to look for.

Greater Visibility and Ease of Use for Profile and Domains

Managed Domains and Profiles Page

The main “Managed Domains and Profiles” page has been updated to give customers a more intuitive and easier to use interface to manage their profiles and domains.

Changes to the interface includes some design changes in how profile information is displayed, allowing for quick access to managing existing domains, adding new domains, requesting a public ordering page and editing profile details right from a click of a button. The new UI makes finding these options quicker and easier than before, with an improved layout including icons for common actions.

Below is a before and after.

Before

Old Managed Domains and Profiles Page

After

New Managed SSL Profile View

Managed Domains Page

A new page has been created called “Managed Domains” to display all the domains of a profile, allowing users to manage their domains directly within a specified profile. At a quick glance, users can view all of their domains and the status of each, providing users a more efficient way to view and access domain information per profile.

Via the new Managed Domains Page users can set permissions, renew, verify and view the status of all domains. Permissions can be set up to control who can place orders, approve orders and revoke certificates at the domain level, so the right employees have access to only domains within their scope of work.

New Domain Order History

Domain Order History Page

There’s also a new way to view all domains within an organization's entire account. The Domain Order History page provides a filterable list of all orders for domains within an account, clearly indicating the history and status and allowing you to make quick actions such as setting permissions, removing domains and viewing the status of all domains, giving users everything they need to see about their domains at their fingertips. Clicking within any domain, users can see the full details of any domain, including the vetted profile it’s attached to and the order details including the registered point of contact details.

New Domain Order History

New - Automated Domain Validation Options

New domain validation options are now available allowing organizations to prove domain validation themselves, so they can start issuing certificates to that domain immediately.

GlobalSign’s Managed PKI platform is unique in that it allows users to set up company profiles which include vetted company information (verified by our Vetting Department) and associated domain names. Users can then issue certificates from these "pre-vetted" profiles instantly, eliminating the need to go through the verification process every time you need a certificate.

ManagedSSL accounts can contain multiple profiles, so different branches or departments, or even multiple companies (in the case of umbrella entities), can all exist under one account. Each subdivision can have its own profile containing unique enterprise data tied to their own set of domains.

Previous to this release, GlobalSign would manually verify each organization profile and every domain added to each profile. With this release, organizations can demonstrate domain control using any one of these domain validation methods:

1. Email based validation method:
With email verification, the user confirms they own the domain by acting on an email sent to an authorized email address. An approval email can be sent to admin@example.com, administrator@example.com, hostmaster@example.com, postmaster@example.com, webmaster@example.com, or to the administrative WHOIS contact (public record associated with each domain) of your domain (this option will be available as of September).

2. HTTP based validation method:
With the HTTP method, GlobalSign supplies a unique code for users to place on their website in a specified location. Once the code or file is in place, domain validation can be performed.

3. DNS based validation method:
With the DNS method, GlobalSign supplies a unique string for users to put in a DNS TXT record for their domain. Once the DNS TXT record is in place, domain validation can be performed.

4. Manual validation method:
Customers can continue to submit domains for manual vetting by GlobalSign. Please allow 1-2 business days for this to be completed.

Once a domain has been approved by any of the above methods, organizations can instantly issue SSL Certificates to that domain.

This new feature is only available for domains validated to the Organization Validated (OV) level. Organizations wishing to add domains vetted to the Extended Validation (EV) level must continue to have domains manually vetted to meet CA/B Forum Browser Requirements related to validating EV SSL Certificates.

GlobalSign is still conducting our standard vigorous vetting process of organization profiles and certificate details are pulled directly from those profiles. GlobalSign is now allowing users a more streamlined and convenient approach to performing domain validation of domains against those profiles.

Domain verification is simply just checking or verifying domain control. GlobalSign processes all domain verification methods using our high risk phishing filters and the domain ownership techniques mentioned above show full domain control, making them challenging for someone to hack.

We hope you enjoy the new features and enhanced UI for managing your profiles and domains. We’d love to hear your feedback on these new changes or feel free to share additional suggested changes you’d love to see.

Learn more about GlobalSign's Managed PKI platform for SSL.

Share this Post

Subscribe to our Blog