Uniform certificate

מתוך ויקי נטפרי
גרסה מ־22:03, 22 בינואר 2026 מאת DovidStroh (שיחה | תרומות) (יצירת דף עם התוכן "{{עמוד בעברית|תעודת אבטחה אחידה}} <div lang="en" dir="ltr" class="mw-content-ltr"> {{קישור אנגלית לתצוגת קריאה}} {...")
(הבדל) → הגרסה הקודמת | הגרסה האחרונה (הבדל) | הגרסה הבאה ← (הבדל)
קפיצה לניווט קפיצה לחיפוש

לעברית לחצו כאן

To switch from edit view to read view

To search in the Wiki

Home page > Security certificate > Uniform certificate ‎‎



In order for NetFree’s filtering system to also filter secure (HTTPS) content, a security certificate must be installed on every computer or device connected to the NetFree network.

In the past, NetFree created a separate certificate for each Internet provider in order to isolate security risks. This way, even if a vulnerability or security breach were to occur, it would be limited to a specific provider and would not affect the entire system.

Prior to the expiration of the certificate of RL about a year and a half ago, NetFree developed a new structure for creating a unified certificate with a special risk-isolation mechanism.

The core idea is to use a single master key, which holds a root certificate with an exceptionally long validity period, allowing secure and efficient issuance of certificates for all providers over time.

The master key is generated in a highly secure environment completely disconnected from the internet, using multiple sources of true randomness to ensure high-quality entropy and strong cryptographic security.

The key is stored in separate parts, with each part kept on encrypted hardware that meets strict security standards, and each part stored in a different physical location.

Once every three months, the custodians of the key parts meet in order to sign an intermediate certificate using the master key.

This intermediate certificate has a validity period of four months, with one month of overlap with the previous certificate.

The intermediate certificate is then used to automatically issue short-lived certificates (approximately every 24 hours) for each provider, in order to minimize risks in case of a potential compromise.

In the first version of the unified certificate, a mistake was made in the certificate attributes, which caused some systems to be unable to support it.

Therefore, NetFree created version 2 of the certificate, which includes the missing attributes.

This certificate will be integrated into the new version of the filtering system, and it is recommended to install it in advance in order to prevent future issues.

You can install it using the following guide: Uniform certificate installer 2.

אוחזר מתוך "https://wiki.netfree.link/index.php?title=Uniform_certificate&oldid=18012"