SSL Certificate FAQ
- How does SSL protect my website?
- How do I know if I need SSL?
- How does encryption work?
- How is the data authenticated?
- What encryption strength do I need for my website?
- What will I need to provide in order for Digicert to verify my business identity?
- How long does verification take?
How does SSL protect my website?
The primary function of an SSL Certificate is to allow for the encryption of your visitor's private information when they submit it to you through a form. Each SSL Certificate contains a unique and verified information about the certificate owner. A certificate authority (such as Digicert or Thawte) verifies the identity of the certificate owner so the website visitor can have confidence that their information is being sent to the party they intended.
How do I know if I need SSL?
You need an SSL Certificate if you:
-
- have an online store or accept online orders and credit cards
- - offer a login or sign in on your site
- - process sensitive data such as address, birth date, license, or ID numbers
- - need to comply with privacy and security requirements (HIPAA,PCI Compliance)
How does encryption work?
Think of making a phone call on party line. Anyone listening for your conversation could eavesdrop on every word. an SSL Certificate establishes a private line of communication during the transmission of the information between the two points. Before the data is sent it is 'scrambled' in a nearly indecipherable manner to assure that only the recipient is capable of unscrambling it.
Each SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (website) and the client (Web browser). An encryption method is established with a unique session key and secure transmission can begin. True 128-bit SSL Certificates enable every site visitor to experience the strongest SSL encryption available to them.
How is the data authenticated?
Every SSL Certificate is created for a particular server in a specific domain for a verified company. When the SSL Certificate reaches the
server, the browser requires authentication information from the server. By clicking the closed padlock in the browser window or certain SSL trust marks (such as the Digicert Secured Seal), the website visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an Extended Validation SSL Certificate is detected. If the information does not match or the certificate has expired, the browser displays an error message or warning.
What encryption strength do I need for my website?
Best security practices are to install a unique
certificate on each server and choose a True 128-bit Certificate by purchasing a Server Gated Cryptography (SGC)-enabled SSL Certificate. A unique certificate keeps your private keys protected, and an SGC-enabled certificate ensures that every site visitor, no matter what browser or operating system they use, connects at the highest level of encryption their system is capable of. You need 128-bit or better encryption if you process payments, share confidential data, or collect personally identifiable information such as social security or tax ID number, mailing address, or date of birth. You need 128-bit or better encryption if your customers are concerned about the privacy of the data they send to you.
What will I need to provide in order for Digicert to verify my business identity?
Digicert must verify the existence of your business, the ownership of your domain name, and your employment status or authority to request the SSL Certificate. We may require official government documentation proving your right to do business. These may include:
- - Articles of Incorporation
- - Certificate of Formation
- - Charter Documents
- - Business License
- - Doing Business As
- - Registration of Trade Name
- - Partnership Papers
- - Fictitious Name Statement
- - Vendor/Reseller/Merchant License
- - Merchant certificate
If we cannot automatically authenticate your company's management responsibility for the domain name that is associated with the SSL Certificate, we will require an authorization letter from that domain's owner. This step prevents applicants from fraudulently or accidentally obtaining SSL Certificates for inappropriate domains.
How long does verification take? Authentication for new certificates could take as little as 1 hour or up to couple days, depending on the verification information you provide and whether or not your certificates are pre-approved. Digicert can authenticate your organizational and contact information and store the information's pre-approved status for future certificate requests when you purchase units using a Digicert Cert Central Enterprise Account. When you submit a certificate request that contains the authenticated information, Digicert needs only to verify the domain. If your organization is the legal holder of the domain, you can expect to receive your certificate within 1 hour of your request. Processing times for Extended Validation SSL Certificates may take longer due to additional verification requirements mandated by the Extended Validation (EV) SSL Guidelines.
SSL Certificate Support
- SSL Certificate Support
- SSL Certificate FAQ
- EV SSL Overview
- EV SSL Requirements
- How To Create A CSR
- MS Exchange Server 2007 CSR
- MS Exchange Server 2010 CSR
- MS Exchange Server 2013 CSR
- MS SBS Server 2008 CSR
- MS Windows 2003 - IIS 6 CSR
- MS Windows 2008 - IIS 7 CSR
- MS Windows 2012 - IIS 8 CSR
- Outlook Web Access CSR
- Apache SSL CSR
- Cisco ACS 3.2 CSR
- IBM Websphere MQ CSR
- IBM HTTP Server CSR
- Lotus Domino 7.0 CSR
- Lotus Domino 8.0 CSR
- Covalent Apache ERS 2.4 CSR
- Covalent Apache ERS 3.0 CSR
- F5 BIG-IP CSR
- F5 Firepass CSR
- Mirapoint Message Server CSR
- Nortel SSL Accelerator CSR
- Oracle Wallet Manager CSR
- BEA WebLogic 6.0 CSR
- BEA WebLogic 8.1 CSR
- BEA WebLogic 10.1 CSR
- Barracuda Networks CSR
- SonicWALL SSL CSR
- cPanel WHM CSR
- Paralells Plesk Panel CSR