 |
What
is a SSL server certificate?
An electronic certificate that establishes credentials
when doing business or other transactions on the Web.
It is issued by a certification authority (CA).
It contains a user’s name, serial number, expiration
dates, a copy of the certificate holder's public key (used
for encrypting messages and digital signatures), and the
digital signature of the certificate-issuing authority
so that a recipient can verify that the certificate is
real.
When transactions occur on the web, SSL encrypts the buyer’s
credit card information for transmission to the merchant,
and then decrypts at the merchant’s site.
Why do businesses use SSL
server certificates?
To encrypt communication between browser and server in
order to provide a secure environment where sensitive
data can be transmitted.
Who uses SSL server certificates?
Any company who conducts business via the web and needs
to protect browser to server communication. Any website
owner who wants to assure customers that they are not
exposed to any of the risks associated with sending sensitive
data, such as credit card numbers, over an open network
(such as the Internet).
How does it work?
Digital certificates encrypt data using Secure Socket
Layer (SSL) technology, the industry-standard method for
protecting web communications.
The SSL security protocol provides data encryption, server
authentication, message integrity, and optional client
authentication for a TCP/IP connection.
Because SSL is built into all major browsers and web servers,
simply installing a digital certificate initiates SSL
capabilities.
How secure is it?
SSL comes in two strengths, 40-bit and 128-bit, which
refer to the length of the "session key" generated
by every encrypted transaction.
The longer the key, the more difficult it is to break
the encryption code.
Most browsers support 40-bit SSL sessions, and the latest
browsers, including Microsoft Internet Explorer and Netscape
Communicator 4.0, enable users to encrypt transactions
in 128-bit sessions - trillions of times stronger than
40-bit sessions.
Can I transfer SSL certificate
to other server?
In order to guarantee the security of this certificate,
Hostik will not permit its transfer to servers outside
the Hostik services.
How to tell if a website is secure?
If a website does not have an SSL certificate, web users
will see the "unlocked" padlock icon in their browser
windows. If a secure SSL connection is established between
the web browser and the web server, the "http" in the
web address will normally change to "https", for example:
"http://www.lanset.net" becomes "https://www.lanset.net".
The SSL connected browser will also display the "locked"
padlock icon. To test whether a site has a valid certificate,
try to initiate a secure connection with that website
by accessing the URL using the https:// prefix instead
of http://
Why are https pages so
slow?
Any page you link to using https:// rather than http://
will be encrypted and will load securely. SSL will slow
down page load times, so it is strongly advised that you
use this option only for pages that require data to be
secure, such as order forms.
Why do I get a warning
message of security certificate?
If your certificate has been installed, then your problem
is that you access your site without the "www".
You must use www in https://www.yourdomain.com.
If you receive a warning of secure and non-secure, the
links of the images/files may contain non-secure. You'll
need to put 's' in https://www.domain.com/image.jpg
for secure image. All secure files must be in same secure
domain site.
Why do businesses need
identity assurance?
To prevent online identity fraud. To protect their brand
and assure that they are not misrepresented on the Internet.
To provide assurance to customers – creates consumer
confidence
Who uses identity assurance?
Any business who has a presence on the web should protect
their identity.
What is identity assurance?
Provides assurance that the entity you are doing business
with online is really who they say they are.
The Internet enables anyone to put up a web site and begin
conducting business. Cases of web site “spoofing”
(copying someone else’s web site for fraudulent use)
are on the rise.
One example: (4/99) a counterfeit web site was put up
by an employee of PairGain. The site had the exact look
and feel of Bloomberg’s web site, however, incorrect
content was place within the spoofed site indicating that
PairGain was being acquired. Investors were duped into
investing $63M, all of which was lost.
What
is QuickSSL?
QuickSSL is a web server certificate that allows consumers
and web sites to conduct safe e-commerce with encrypted
SSL connections. QuickSSL web server certificates are
compatible with 98% of all browsers.
What is SSL?
The SSL (secure socket layer) protocol is the web standard
for encrypting communications between users and web sites.
Data sent via an SSL connection is protected by encryption,
a mechanism that prevents eavesdropping and tampering
with any transmitted data. SSL provides businesses and
consumers with the confidence that private data sent to
a web site, such as credit card numbers, are kept confidential.
Web server certificates are required to initialize an
SSL session.
Why are QuickSSL web server
certificates so inexpensive?
Historically, most SSL certificates cost $350 or more,
but GeoTrust has developed fully automated systems to
verify that a certificate purchaser has appropriate administrative
rights to a web server's domain. This greatly lowers our
costs for issuing QuickSSL certificates, and we pass those
savings on to you. With QuickSSL, you can assure your
customers that their transactions and information are
secure on the Internet without having to pay an unreasonable
price.
What web browser programs are compatible with QuickSSL?
QuickSSL is compatible with Microsoft Internet Explorer® 5.01 and higher and Netscape/AOL web browsers version 4.51 and higher, comprising an estimated 98% or more of all web browsers in use today. All other commonly used browsers may connect securely with web servers using QuickSSL certificates. However, some older browsers may display a dialogue box indicating that the certificate is not trusted. This means that the certificate is not located in the browser certificate store and, in most cases, the user will be prompted to install it with a few clicks of their mouse.
What is a Certificate Signing
Request (CSR) and QuickSSL Certificate?
A Certificate Signing Request (CSR) is a special file
with encoded information generated by a Web server necessary
to request a digital certificate from a certificate authority.
QuickSSL Certificate is a Digital Certificate that must
be obtained from certificate authority.
How do I install QuickSSL
Premium seal?
To install QuickSSL premium seal, simply add the following
lines to each web page on which you want the QuickSSL
Premium seal to appear:
<!-- GeoTrust QuickSSL [tm] Smart Icon tag. Do not edit. -->
<SCRIPT LANGUAGE="JavaScript" TYPE="text/javascript"
SRC="//smarticon.geotrust.com/si.js"></SCRIPT>
<!-- end GeoTrust Smart Icon tag -->
These instructions will retrieve your QuickSSL Premium
registration data from the QuickSSL Premium registry server
and cause the QuickSSL Premium seal to be displayed on
your web page. Remember, the web page on which you place
this QuickSSL Premium seal must use exactly the same domain
that is in your QuickSSL Premium enrollment application.
For instance, if the enrollment is for www.example.com,
then the QuickSSL Premium registration is for that site,
and does not include other fully qualified domains like
www2.example.com.
|
|
