Tech News and Analysis

DR Technology

Fastly Launches Certainly CA

The company’s moves to expand its TLS and domain name services strengthens the security and trust of its global web infrastructure.

Edge cloud platform provider Fastly has announced the general availability of Certainly, its publicly trusted Transport Layer Security (TLS) certificate authority (CA). Originally announced as a limited program in February, Certainly gives customers the ability to use in-house issued digital certificates to secure any website or API endpoint served by Fastly's content delivery network (CDN).

TLS secures the HTTPS connection between a Web server and Web application with signed certificates issued by CAs. If the CA loses trust – because it didn't follow procedures to validate domain ownership or by losing control of the encryption keys used to sign those certificates, for example – the certificates can no longer be trusted. This has an impact on the greater Internet, as compromised certificates means there is doubt about both the security of the data flowing to and from the Web application as well as the legitimacy of the domain.

Fastly noted back in February that bringing the capability of issuing TLS certificates in-house creates a fallback option when other CAs experience a failure. Certainly certificates also have only a 30-day validity period – significantly shorter than the 90-day validity period Google is pushing for as the industry norm which reduces the amount of time in which a compromised certificate can be used. (Let's Encrypt issues certificates valid for 90 days.)  

The company also announced its acquisition of Domainr, a real-time domain availability API provider, for an undisclosed sum. Fastly will integrate the API into its services and infrastructure to give customers the ability to instantly check domain availability, monitor critical domains, and uncover at-risk domains.

The combination of Certainly and the Domainr acquisition allows Fastly to provide end-to-end services for all TLS and domain name needs as the company expands its global Web infrastructure, the company said.

"Just as Fastly’s security products look at the entire internet as a whole to anticipate and prevent attacks, Domainr's API and unique view of the ecosystem will enable new ways of preventing risks around domains in the future," said Anil Dash, head of Glitch and vice president of developer experience at Fastly, in a statement.

Editors' Choice
Tara Seals, Managing Editor, News, Dark Reading
Jim Broome, President & CTO, DirectDefense
Nate Nelson, Contributing Writer, Dark Reading