SSL Certificates for Web Applications
Security, Trust, Recognition
With fake sites, phishing and online fraud becoming commonplace, an SSL Digital Certificate is one of the most trusted ways for customers to feel safe when they are making web based transactions. When installed, your domain will then display a trust seal that assures safety.
SSL digital certificates are must haves not only for e-commerce sites. You may also need SSL digital certificates if your application needs to transmit encrypted data between your server and your client’s browser.
Our SSL Offerings
- Domain Validation
- Organization / Multi Domain Validation
- Extended Validation
- SAN Certificate
- Wildcard Certificates
Frequently Asked Questions
What is SSL?
SSL is an acronym for Secure Sockets Layer, a security protocol that uses digital certificate and creates and creates an encrypted connection between web server and visitors web browser. It is a small data file which when installed on a web server activates https protocol over port 443.
How does it Work?
SSL is a security protocol that protects user data during it’s transfer from your servers to the client’s browser.
Here’s what happens when a user wants to connect to secure website:
- User visits SSL secured web site, browser sends a ‘Client Hello’ to web server to request secure / SSL session.
- Web server responds to user / browser with certificate, including the public key.
- User browser will verify the certificate w.r.t Certificate Authority and validity from browser database.
- If certificate is valid, browser will generate unique session key, encrypt with server’s public key and send encrypted key to server.
- Server will then decrypt the message using private key and maintain the session key. A transaction establishes a secure communication pipe, user browser and server will now use session key to send information back and forth.
- A transaction ensures:
- Only user browser and server will have the session key, communication is protected.
- User is communicating with a web site which has been vetted to confirm the identity of organization requesting the details from user and the domain which represent the organizations application.
Why do I need an SSL certificate?
The primary reason why SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it. Data transmitted over SSL connection cannot be tampered with or forged.
What is Certificate Authority (CA)?
A certificate authority is an entity which issues digital certificates to organizations or people after validating them. Every certificate authority has different products, prices, SSL certificate features, and levels of customer satisfaction.
How do SSL certificates compare between certificate authorities?
From functionality point of view SSL certificates from different certifying authority does same thing i.e. exactly same SSL encryption. Trust is the biggest difference. User essentially pays for the brand.
What is the trust seal for SSL certificates of different brands?
A trust seal is a logo displayed on web site that verifies that web site have been validated by a particular certifying authority and are using their SSL certificate to secure site.
What are the types of SSL certificates?
SSL certificates can be classified is many different ways, certificates issued by certifying authority have highest trust among users and are used widely. Based on this there are three types of SSL certificates:
- Domain validated SSL certificate
- Organizationally validated SSL certificate
- Extended validation SSL certificate
- Wild Card certificates and Subject Alternative Names are the special kind of SSL certificates.
How many domains can an SSL certificate secure?
SSL server certificates only secure a single domain name or sub-domain name per server. Specialized SSL certificates like Wild Card certificate and SAN certificate secures multiple domains and sub-domains. Not only reduces setup and management time but also reduces cost.
What is warranty?
SSL warranty is not for the purchaser but for the end user. If the purchaser turns out to be fraudulent and a user of web site loses money because the certificate authority didn't properly validate, then the certificate authority will compensate the end user.
How is SSL encryption length determined?
Misunderstanding among users is that SSL certificate dictates the strength of the encryption. Strength of SSL session is actually the function of strength of the browser and compatibility of the server. If the browser is limited to 128-bit encryption, then only a 128-bitsession will be established, even if the Web server supports 256-bit sessions. If both the browser and server support 256-bit encryption, then a 256-bit session can be established.
How long does it take to get an SSL certificate?
Getting SSL certificate depends on type of certificate and certifying authority from whom you ordered certificate. In-case of a domain-validated only certificate CA will issue within a few hours or couple of days. In-case of organization-validated certificate CA issues within a week after submitting all the documentation. But in-case of an extended validation certificate (EV) it takes several weeks for validation before getting certificate.