MENU

Securing your Website with an SSL Certificate

An SSL certificate allows secure communication between a web server and clients accessing it. In the case of web browsers surfing secure web sites, SSL communication starts with the web browser requesting the digital certificate from the web server. The certificate contains the hostname of the web server, an expiration date of the certificate, the public key of the web server, and is signed by a Certificate Authority (CA) like VeriSign, Comodo, GeoTrust or Thawte.

The web browser can validate all of these pieces of information except for the public key of the web server. If all of the verifiable components pass validation, the web browser will generate its own public key and send it back to the web server. When the web browser’s public key is sent back to the web server as a response, it uses the web server’s public key, which was contained within the certificate, to encrypt the browser’s public key being sent. Now both the web server and web browser will be able to communicate with each using secure, encrypted communications because they have exchanged each of their public keys.

SSL Certificates are most commonly used for transmitting confidential banking or credit card information or during a secure login. A website visually shows that they are using an SSL Certificate by use of a small padlock icon in the browser. On any page that is secured, the icon will change to the locked image. Installing an SSL Certificate increases the confidence of visitors and customers.

There are a variety of SSL Certificates available:

Domain Validation SSL Certificates (DV SSL)

These certificates are issued only after the domain ownership has been validated via email. Company and business documents are not required during the validation process. This is the fastest SSL issuance process.

Organization Validation SSL Certificates (OV SSL)

This certificate is issued after the business is manually validated. Business documents are required and the process can take up to three business days to complete. The OV SSL’s are highly recommended for companies that have online shopping cart features. This SSL is rated more secure than the Domain Validation SSL.

Extended Validation SSL Certificates (EV SSL)

The EV SSL is the highest rated certificate. It provides a green address bar which is exclusive to the EV SSL to provide visual assurance to visitors that the site is verified and secured.

Wildcard SSL Certificates (Wildcard SSL)

Wildcard SSL Certificates are designed to secure unlimited sub domains over a single fully qualified domain name (FQDN). This certificate is used by companies that have a primary domain as well as multiple sub domains.

Multiple-Domain SSL (SAN SSL-UCC SSL)

Multiple Domain Certificates (MDC) are used for securing up to 100 domains under one certificate. The domains must be run on the same server to qualify for the single certificate. This certificate allows you to consolidate your SSL management process and manages the SSL encryption for all of your domains under a single SSL Certificate.

SGC SSL Certificates (SGC SSL)

SGC SSL Certificates upgrade the encryption capabilities of older browsers from a 40-bit encryption into a 128-bit or 256-bit encryption. This means your website has the highest rating for protection and is trusted by the highest number of browsers including older versions of Windows and Internet Explorer.

Who should use an SSL Certificate?

Any organization that is transmitting sensitive information through their website should use SSL Certificates.

Typical organizations include but are not limited to:

– Online Retailers
– Banks
– Government Organizations
– Educational Institutions
– Organizations and intranets that want to protect sensitive company data

DANIPA is pleased to offer SSL Certificates from Industry leading brands for our customers! Click here to get started!

One thought on “Securing your Website with an SSL Certificate

  1. Secure128.com said…
    Danipa, good descriptions of the SSL types. Amazing how many websites still don’t encrypt pages requiring login and Password credentials.

    It’s going to take the browser makers push to get the general Internet population up to speed on what EV SSL is.