SIGNIFLOW

Discover our signature platform: sign and request signature for your PDFs in a fex clicks!

JOIN OUR AFFILIATE NETWORK

Join our affiliate network
and become a local SSL expert
Learn more about our program

PRODUCTS TO DISCOVER

SSL certificates Invoice signature eIDAS certificates Signature software

Menu
picture of tbs certificates
picture of tbs certificates
Certificates
ALL CERTIFICATES
SSL Extended Validation SSL Standard RGS certificates eIDAS certificates SSL ECC SSL wildcard SSL Multiple sites / SAN Quick and Dirty SSL
Specific certificates VMC certificates
E-signature Strong authentication S/MIME certificates
Test certificates PKI Solutions Trust Seals
SigniFlow: the platform to sign and request signature for your documents
Signature software
Our products range
TBS X509 DigiCert Thawte Sectigo GlobalSign GeoTrust Certigna ChamberSign SigniFlow Harica
Partners
Client login Customer accounts Open an account
Support
FAQ SHA256: Browsers' compatibility ECC: Browsers' compatibility
Focus
Invoices dematerialization
We now provide solutions compliant with RGS** and eIDAS qualified standards for invoices signature and time stamping. Further information


Configure Apache to make it run without SSL renegotiation

After the issues due to Apache renegotiation made public on November 2009, it is advised to configure Apache this way:

On the SSL virtualhost root 
SSLVerifyDepth 4
SSLVerifyClient none (ou require)
SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES
SSLProtocol all -SSLv2 -SSLv3 
SSLHonorCipherOrder on  # apache 2.1+
Then inside your virtualhost, or in the .htaccess of your DocumentRoot, do not ever use the 4 instructions up here.

It makes Apache negotiate the right values from the root and not to renegotiate them after.

Downside: you can not configure a site without certificate authentication on the root with one repertory requiring a certificate anymore. You will have to create a special site that requires the user certificate from the root.