People are getting smart about online security. More and more of them are looking for the padlock icon and “https” prefix in the address bar of their browser before submitting personal information online. If your Web site doesn’t have an SSL Certificate, visitors may leave before making a purchase, creating an account or even signing up for a newsletter.
An SSL certificate is a digital certificate that authenticates the identity of a Web site and encrypts information sent to the server using Secure Sockets Layer (SSL) technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.
An SSL certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. When an Internet user attempts to send confidential information to a Web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.
An SSL certificate contains the following information:-
The certificate holder’s name
The certificate’s serial number and expiration date
A copy of the certificate holder’s public key
The digital signature of the certificate-issuing authority
How does SSL Certificates work? :-
An SSL certificate ensures safe, easy, and convenient Internet shopping. Once an Internet user enters a secure area – by entering credit card information, email address, or other personal data, for example – the shopping site’s SSL certificate enables the browser and Web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scene without interrupting the consumer’s shopping experience. A “padlock” icon in the browser’s status bar and the “https://” prefix in the URL are the only visible indications of a secure session in progress.
By contrast, if a user attempts to submit personal information to an unsecured Web site (i.e., a site that is not protected with a valid SSL certificate), the browser’s built-in security mechanism triggers a warning to the user, reminding him/her that the site is not secure and that sensitive data might be intercepted by third parties. Faced with such a warning, most Internet users will likely look elsewhere to make a purchase.
Types of SSL Certificates :-
Wildcard SSL Certificates : Secure Unlimited Servers with ONE SSL Cert! (certification also covers unlimited first-level sub-domains) You get Strong 256 Bit Encryption, Secure Site Seal, & Web PKI to easily manage multiple SSL Certs.
Premium Extended Validation Certificates : It provides the highest level of online assurance for your customers using a process that’s standardized across all certification authorities:
More extensive than any existing SSL vetting process (undertaken by any certification authority).
Includes verification of your organization’s identity, the validity of your request and the overall legitimacy of your business.
Browsers also display both the organization name and issuing certification authority.
Using the same rock-solid, 256-bit encryption technology as Standard SSL and Deluxe SSL Certificates, Premium SSL Certificates prove that your Web site is a secure place for customers to conduct business.
Multiple Domain Certificates, also called Unified Communications Certificates (UCC): It provides the most flexible class of SSL Certificates today by securing multiple domain names with one certificate.
Secure up to 100 domain names on one certificate.
Save money because the cost of one Multiple Domain Certificate, with additional domain names, is less than the cost of individual certificates for each unique domain name.
Compatible with Microsoft Exchange Server 2007 and Microsoft Communications Server.
Simplifies the process of managing multiple certificates with varying expiration dates.
Our Single, Multiple Domain and Subdomain certificates all use the same rock-solid, 256-bit encryption technology, proving that your Web site is a secure place for customers to conduct business.
NOTE: The UCC Certificate is ideal for Communication Server, Exchange Server and other Enterprise Applications, as well as for single companies or entities with many related URLs. This Certificate is not recommended for use with sites completely separate from each other (e.g. a network provider who builds Web sites for competitors).
Most of the SSL certificate issuing companies will charge you around $399 per year. Some of the affordable SSL certificate provider like Hosting3i.com chareges $14.95 per year with 256-bit secure encryption.
SSL certificate will not only ensure safe transfer of critical information but also increase the creditability of your online store.
Watch the video related to SSL certificate
www.3Demo.com How to Install GoDaddy SSL Certificate in Windows Server 2008, IIS7
Help answer the question about SSL certificate
What to look for when selecting SSL Certificate for ecommerce site?- do customers care about the greenbar?
- what does the warranty cover at Verisign? Do other companies offer a warranty?
- what company would you select and why?
About Author
Jenny Dsouza is a Product Manager at Hosting3i.com which provides Cheap Domain Name Registration and SSL Certificates service.
Tags: 2008, Certificate, GoDaddy, IIS7, Install, SSL, Windows
I know on windows if you get that error, you have to make sure the date, time abd year are correct on the comp. and make sure the comp. is in the correct time zone. Im not sure if its the same with a mac, but its worth a try.
If it's the same domain then it should work fine. The only problem woud lbe if they were different domains, because the oen thats not right would get a message that pop ups every time you try to connect using it, and people would think your site is bad.
you can buy one from anyone who sells them. I like GoDaddy.com
These links could help you:
http://customersupport.networksolutions.com/article.php?id=777
https://www.geotrust.net/resources/cert_reissuance/index.asp
http://www.thawte.com/reissue/
Good Luck !!!
1. No, you can't (at least not from an accredited company). EV stands for extended validation. Verification of identity is one of the requirements for extended validation.
2. The companies issuing EV SSL certificates must pass an audit before they are allowed to do so. Some well known companies are http://www.VeriSign.com, http://www.Entrust.net and http://www.DigiCert.com/ev-ssl
See the EV SSL Certificate FAQ for more info on EV SSL issuing criteria: http://en.wikipedia.org/wiki/Extended_Validation_Certificate
yes and no. you do have to have an ssl certificate for ssl to work, but if you create your own, it is not a publically trusted certificate. the person on the other end has to trust that you are who you say you are. you may say, but i am. that is correct, but I also could pretend to be you.
If all of their personal information is being gathered through Pay Pal then no there is no reason to get an SSL Certificate. Just let them politely know that they will be making their secure purchased through Pay Pal.
If you are gathering information such as their name, address and other personal information it could be wise to have an SSL on your site. For example, will it be a shopping cart software that stores all their information, and just for payment send it off to Pay Pal? If so, you want the SSL protecting the part where the user is logging in and editing personal information.