Menu

Atlas TLS ICA Rotations

Aug 2, 2024

Atlas TLS ICA Rotations

Introduction

GlobalSign will start rotating our Atlas TLS CAs on a scheduled basis to promote good ecosystem security and agility. Historically, we have set up CAs and used them for many years, but there are many reasons to reduce this time interval. By reducing the length of time CAs are used, we achieve the following benefits:

  • We limit the number of certificates issued by a single CA and it's corresponding private key which limits impact if there is an integrity, compliance or security issue with the CA.
  • We reduce the size of CRLs which increases validation performance.
  • We train our customer base to expect and plan for immediate CA replacements which increases crypto agility.
  • Starting in 2022, GlobalSign Atlas TLS CAs will be updated every quarter, on the second Tuesday of the quarter at 10:30-11:00 UTC

Impact and recommendations:

  • Customers should always be prepared to accept new CAs when installing new TLS certificates. The issuing CA is available in the API and should be used when downloading the certificate so that the current CA is always provisioned with the issued certificate.  
  • Customers MUST not do public key pinning to CA certificates, and we highly discourage public key pinning at all, as that defeats the purpose of crypto agility.
  • We encourage customers to follow agile practices for Issuing CAs and always download and install the provided ICA when obtaining new certificates.
  • Please subscribe to GlobalSign's Status page for important updates here - https://status.globalsign.com/
Atlas TLS Product Type New CA Name Link to new CAs that will be used October 8, 2024 – January 7, 2025
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q4 2024 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q4.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q4 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2024q4.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q4 2024 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2024q4.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q4 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2024q4.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA Q4 2024 https://secure.globalsign.com/gsatlasr3dvacmeca2024q4.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA Q4 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2024q4.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA Q4 2024 https://secure.globalsign.com/gsatlasr3ovacmeca2024q4.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA Q4 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2024q4.crt

Atlas TLS Product Type CA Name Link to CAs that will be used July 9, 2024 – October 8, 2024
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q3 2024 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q3.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q3 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2024q3.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q3 2024 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2024q3.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q3 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2024q3.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA Q3 2024 https://secure.globalsign.com/gsatlasr3dvacmeca2024q3.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA Q3 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2024q3.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA Q3 2024 https://secure.globalsign.com/gsatlasr3ovacmeca2024q3.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA Q3 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2024q3.crt

Atlas TLS Product Type CA Name Link to CAs that will be used April 9, 2024 – July 9, 2024
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q2 2024 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q2.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q2 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2024q2.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q2 2024 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2024q2.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q2 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2024q2.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA Q2 2024 https://secure.globalsign.com/gsatlasr3dvacmeca2024q2.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA Q2 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2024q2.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA Q2 2024 https://secure.globalsign.com/gsatlasr3ovacmeca2024q2.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA Q2 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2024q2.crt

Atlas TLS Product Type CA Name Link to CAs that will be used January 9, 2024 – April 9, 2024
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q1 2024 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2024q1.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q1 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2024q1.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q1 2024 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2024q1.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q1 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2024q1.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA Q1 2024 https://secure.globalsign.com/gsatlasr3dvacmeca2024q1.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA Q1 2024 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2024q1.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA Q1 2024 https://secure.globalsign.com/gsatlasr3ovacmeca2024q1.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA Q1 2024 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2024q1.crt

Atlas TLS Product Type CA Name Link to CAs that will be used October 10, 2023 – January 9, 2024
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q4 2023 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q4.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q4 2023 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2023q4.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q4 2023 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2023q4.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q4 2023 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2023q4.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2023 Q4 https://secure.globalsign.com/gsatlasr3dvacmeca2023q4.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2023 Q4 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2023q4.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA 2023 Q4 https://secure.globalsign.com/gsatlasr3ovacmeca2023q4.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA 2023 Q4 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2023q4.crt

Atlas TLS Product Type CA Name Link to CAs that will be used July 11, 2023 – October 11, 2023
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q3 2023 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q3.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q3 2023 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2023q3.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q3 2023 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2023q3.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q3 2023 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2023q3.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2023 Q3 https://secure.globalsign.com/gsatlasr3dvacmeca2023q3.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2023 Q3 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2023q3.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA 2023 Q3 https://secure.globalsign.com/gsatlasr3ovacmeca2023q3.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA 2023 Q3 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2023q3.crt

Atlas TLS Product Type CA Name Link to CAs that will be used April 11, 2023 – July 11, 2023
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q2 2023 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q2.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q2 2023 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2023q2.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q2 2023 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2023q2.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q2 2023 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2023q2.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2023 Q2 https://secure.globalsign.com/gsatlasr3dvacmeca2023q2.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2023 Q2 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2023q2.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA 2023 Q2 https://secure.globalsign.com/gsatlasr3ovacmeca2023q2.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA 2023 Q2 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2023q2.crt

Atlas TLS Product Type CA Name Link to CAs that will be used January 10, 2023 – April 11, 2023
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q1 2023 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2023q1.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q1 2023 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2023q1.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q1 2023 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2023q1.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q1 2023 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2023q1.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2023 Q1 https://secure.globalsign.com/gsatlasr3dvacmeca2023q1.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2023 Q1 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2023q1.crt
Atlas ACME Organization Validated TLS GlobalSign Atlas R3 OV ACME CA 2023 Q1 https://secure.globalsign.com/gsatlasr3ovacmeca2023q1.crt
Atlas ACME Organization Validated TLS – ECC keys GlobalSign Atlas ECC R5 ACME OV CA 2023 Q1 https://secure.globalsign.com/cacert/gsatlaseccr5ovacmeca2023q1.crt

 Atlas TLS Product Type CA Name Link to CAs that will be used October 11, 2022 – January 10, 2023
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q4 2022 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2022q4.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q4 2022 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2022q4.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q4 2022 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2022q4.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q4 2022 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2022q4.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2022 Q4 https://secure.globalsign.com/gsatlasr3dvacmeca2022q4.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2022 Q4 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2022q4.crt

Atlas TLS Product Type CA Name Link to CAs that will be used July 12, 2022 – October 11, 2022
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q3 2022 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2022q3.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q3 2022 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2022q3.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q3 2022 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2022q3.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q3 2022 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2022q3.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2022 Q3 https://secure.globalsign.com/gsatlasr3dvacmeca2022q3.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2022 Q3 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2022q3.crt

Atlas TLS Product Type CA Name Link to CAs that will be used April 12, 2022 – July 12, 2022
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q2 2022 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2022q2.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q2 2022 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2022q2.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q2 2022 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2022q2.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q2 2022 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2022q2.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2022 Q2 https://secure.globalsign.com/gsatlasr3dvacmeca2022q2.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2022 Q2 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2022q2.crt

Atlas TLS Product Type CA Name Link to CAs that will be used January 11, 2022 – April 12, 2022
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA Q1 2022 https://secure.globalsign.com/cacert/gsatlasr3dvtlsca2022q1.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA Q1 2022 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlsca2022q1.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA Q1 2022 https://secure.globalsign.com/cacert/gsatlasr3ovtlsca2022q1.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA Q1 2022 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlsca2022q1.crt
Atlas ACME Domain Validated TLS GlobalSign Atlas R3 DV ACME CA 2022 Q1 https://secure.globalsign.com/gsatlasr3dvacmeca2022q1.crt 
Atlas ACME Domain Validated TLS  - ECC Keys GlobalSign Atlas ECC R5 ACME DV CA 2022 Q1 https://secure.globalsign.com/cacert/gsatlaseccr5dvacmeca2022q1.crt

Atlas TLS Product Type CA Name Link to CAs that will be used August 24, 2021 - January 11, 2022
Atlas Domain Validated TLS GlobalSign Atlas R3 DV TLS CA H2 2021 https://secure.globalsign.com/cacert/gsatlasr3dvtlscah22021.crt
Atlas Organization Validated TLS GlobalSign Atlas R3 OV TLS CA H2 2021 https://secure.globalsign.com/cacert/gsatlasr3ovtlscah22021.crt
Atlas Domain Validated TLS - ECC Keys GlobalSign Atlas ECC R5 DV TLS CA H2 2021 https://secure.globalsign.com/cacert/gsatlaseccr5dvtlscah22021.crt
Atlas Organization Validated TLS - ECC Keys GlobalSign Atlas ECC R5 OV TLS CA H2 2021 https://secure.globalsign.com/cacert/gsatlaseccr5ovtlscah22021.crt

Related Articles

Atlas Certificate Management API

Oct 21, 2020, 9:34 AM

Read More

How to renew TLS certificate in Atlas

Aug 22, 2024, 9:50 AM

Renewing a certificate is the process of replacing a certificate (preferably) before it expires. A user takes an existing certificate and requests a new one using a different CSR (key pair) from the original, most other fields will be the same (see list of fields below). This functionality will be available for certificates that have been issued through either the Atlas portal, Atlas APIs, or ACME. The implementation of this new feature is focused on the Atlas portal.

Read More

GlobalSign System Alerts

View recent system alerts.

View Alerts

Atlas Discovery

Scan your endpoints to locate all of your Certificates.

Sign Up

SSL Configuration Test

Check your certificate installation for SSL issues and vulnerabilities.

Contact Support