On 2011-02-07 4:36 PM, Surgemail Support (Marijn) wrote:
> I would like to get to the bottom of why there have been rather a spate
> of SSL certificate installation issues of late??

I got the following 2 emails from my CA:

=======
Important RapidSSL Updates
Dec 07, 2010 02:07 pm

To fall in line with new CAB forum guidelines there are a few important 
updates to RapidSSL certificates (including wildcard).

Intermediate CA
The RapidSSL certificate will be issued using an intermediate CA from 9 
December 2010. This intermediate certificate must be installed with your 
certificate to ensure the best browser compatibility.

Block CSR requests under 2048bits
For certificates that extend beyond 2 years you will not be able to use 
a CSR request using less than 2048bit. This is to ensure that all 
certificates are at least 2048bit by 2012.

======
Jan 27, 2011

You are receiving this e-mail because your SSL certificate(s) listed 
below will be affected by a change the Mozilla Foundation is making on 
June 30, 2011. The change will affect how your RapidSSL� certificates 
perform in Firefox browsers.

Mozilla will disable their support of the MD5* signature algorithm 
beginning on June 30, 2011. On and after that date, SSL certificates 
signed with an MD5 algorithm will display errors and not function 
properly in updated Firefox browsers. The Mozilla notice regarding this 
change can be found at: https://wiki.mozilla.org/CA:MD5and1024.

Although RapidSSL has not signed certificates using the MD5 algorithm 
since December 2008, the algorithm was used for some certificates with 
multi-year validity periods prior to that date.

-- 
Neil Herber