SERVER CERTIFICATE SECURITY
Certificates delivered by Telia Company follow baseline security requirements set by WebTrust and CA/Browser Forum. In addition to these, a particular care needs to be taken by customer in order to maintain the security of server certificates. Especially keeping the private key secured from getting lost and keeping it from getting into hands of a third party is paramount. If a private key is lost, Telia Company may charge the cost of a certificate with a new private key.
It is necessary to contact Telia Company if the personnel of the organization owning the server certificate or third parties using services protected by the certificate have a clear and present suspicion of the following:
- a private key has ended up in the hands of a third party
- a certificate fraud (the use of the certificate in a server which is not controlled by certificate owner or by a sub-contractor of the owner)
- if domain or IP address included in the certificate is not controlled by the organization
- a substantial change in the certificate information
- other forms of certificate misuse
If these conditions are met, it is necessary to revoke the certificate in question or contact immediately Telia either via email or using feedback form in Telia CA support site. If the certificate is created with Certificate Manager, it is possible for an administrator of the owning organization to revoke the certificate with Certificate Manager.
There are two email addresses for Telia CA support:
-
for non-urgent issues and issues regarding invoicing or technical support. This address is monitored during Finnish (Eastern European Time) business hours from 8:00 hours to 16:00 hours.
-
for urgent security issues like the ones mentioned in this chapter. This address is monitored on 24-hour basis. Please do not use this address for invoicing and technical support issues.
In urgent cases we recommend contacting Telia Company or revoking the certificate by calling +358 800 156667. There is also a form for revocation of certificates.
Detailed description of revocation procedure is found from Telia Server Certificate Certification Practice Statement, chapter 4.9. Valid Telia CPS is located at Telia CA Repository.