The Uptrends client certificate can be used in Multi-step API monitors to guarantee the authenticity of the HTTP requests created by your monitors: your API server can verify the identity of Uptrends' checkpoint servers, which is where the HTTP requests are sent from.
The checkpoint servers will use the certificate’s private key to sign the requests. No-one else has access to that private key, so no-one can sign a request in the same way and pretend to be Uptrends. This means that you, as the receiving party, can be sure that those requests are genuinely originating from Uptrends' servers. You do this by verifying the identity of the incoming requests using Uptrends' public key. The public key information is listed below.
How can I be sure this public key is genuine?
When establishing identity and authenticity, it’s important to verify you’re working with the correct information.
Trusted connection and transport
- We’ve made sure that you’re always reading the content on this page using an HTTPS connection. Having this secure connection means that the content can never be tampered with (no content hijacking) during transport from our webserver to your browser.
- Even if a malicious person manages to present an HTTP link (i.e. a non-secure one) to the Uptrends website to you, that could subsequently be intercepted and the content be tampered with (a so-called downgrade attack), your browser will not accept that. Browsers will refuse to contact Uptrends over a non-secure connection, for the following reasons:
- The Uptrends website and customer app portal have a HTTP Strict Transport Security (HSTS) policy in place. This means that browsers are instructed never to follow an insecure HTTP link to the uptrends.com domain, but always use HTTPS instead.
- The uptrends.com domain was among the first 1,000 domains who were listed in the HSTS preload list. This preload list is hard-coded in mainstream browsers like Chrome, Firefox, Internet Explorer 11, Edge, Opera and Safari, which means that those browsers are hardwired to always use HTTPS for uptrends.com and its sub-domains.
- If you review the TLS certificate for this site, you’ll notice that this website is owned by Uptrends B.V. The certificate is signed by Sectigo Limited, one of the worldwide recognized Certificate Authorities. Your browser wouldn’t even trust the connection without a CA signing it.
- Furthermore, you’ll notice that the certificate is an Extended Validation (EV) certificate. This means that Sectigo, as the authority who guarantees the identity of the certificate owner, performed audits to verify our existence as Uptrends' legal entity. This is the best available way to prove that the domain you’re currently visiting is in fact owned by Uptrends, and that you can trust that its content is coming from Uptrends.
Public key information
The following information describes properties of the public key that corresponds to the client certificate used by Uptrends' checkpoint servers, when they’re instructed to do so. This client certificate, just like the certificates pertaining to our web sites, have been signed by a Certificate Authority.
|Issuer||CN = Sectigo RSA Client Authentication and Secure Email CA
O = Sectigo Limited
L = Salford
S = Greater Manchester
C = GB
|Subject||E = firstname.lastname@example.org
CN = Uptrends
O = Uptrends
STREET = Raoul Wallenbergplein 31
PostalCode = 2404 ND
L = Alphen aan den Rijn
C = NL
|Expiration date||Friday, 22 September 2023 01:59:59|
|Full public key (Base64)||—–BEGIN CERTIFICATE—–