Commonsense: SSLs remove Organisation unit from CSR generation.
The SSL Store has reported that The CA/B Forum has decided that CAs no longer need to include organizational unit (OU) information when issuing publicly trusted SSL/TLS digital certificates. Let’s quickly explore what this means for you when ordering SSL/TLS certificates (spoiler alert: it won’t change anything for most users)
There are changes will make the task of ordering certificates easier a bit easier by eliminating confusion. Traditionally, the certificate ordering process has required requestors (i.e., you) to provide information for the organization unit (OU) field.
When you complete a certificate signing request (CSR) as part of the certificate ordering process, there’s traditionally been a free-form field in which you’d enter metadata that you want to store in your certificate. In cPanel, for example, this field is labeled “Company Division” instead.
The rationale behind removing the OU field is that it will:
- Eliminate an unnecessary piece of data.
- Mitigate OU-related hiccups in the validation process by eliminating the highly specific field.
- Prevent inaccurate attributions or intentional misuses of company names, trademarks, tradenames, addresses, or other information.
The changes shouldn’t impact organisations unless they are using the SSL for something custom. If brandsec customers have any questions, you can contact your Account Manager who can assist.
About brandsec
brandsec is a corporate domain name management and brand protection company that looks after many of Australia, New Zealand and Asia’s top publicly listed brands. We provide monitoring and enforcement services, DNS, SSL Management, domain name brokerage and dispute management and brand security consultation services.
