11
May
2011

If you want to secure an infinite number of sub domains on a single domain name, a Wildcard SSL certificate comes in handy. It brings with it numerous advantages but there are two sides to every coin; so there are a few shortcomings to this certificate as well.

The good news first:

-> Security for ‘n’ number of Sub – Domains

Let’s face it, buying a single Certificate for each new sub domain is going to prove to be a costly exercise. When you go for a Wildcard SSL certificate, it provides a security cover for all your sub-domains, irrespective of their number.

-> Cost Effective

Using this certificate will prove to be much cheaper than buying a new certificate for each one of your sub domains.  If you choose the right certificate provider you might also be offered the advantage of unlimited server license. What this means is that a single Wildcard SSL certificate can be used on several web servers.

-> Convenient Management

Imagine the difficulty in deploying a new SSL certificate for every sub-domain you might have or plan to get. It’s a task that is simplified by the Wildcard certificate.

Now for the bad news:

-> Vulnerability

Wildcard offers users the benefit of a single certificate that can be used across multiple sub domains on a single domain name.  But there is catch – There is just one private key. What this means is that it increases the vulnerability of your domains.  If one server gets compromised, so do the others.

There is also a silver lining in the form of a unique private key. You could search for certificate providers who give you the option of generating new Wildcard certificates albeit with the same domain name. Each certificate will have a unique key, thus decreasing the vulnerability associated with it.

-> Compatibility Issues

If you are looking for mobile device compatibility, there might be a problem. There are some mobile OS that don’t support the Wildcard SSL certificate. But here again, you have an option of choosing specific Wildcard certificates offered by certain companies. These certificates offer you a way out of the problem.

Knowing about the pros and cons of using a Wildcard SSL certificate will help you make an informed decision as to whether you should use it or not.

22
December
2010

An SSL Certificate is necessary to protect websites and enable them for data security. However, there are different types of SSL Certificates and the website owners often are unsure of the type of certificate they need for their online security needs. Here are five different SSL Certificates which usually fit into the requirements of most of the web bearers. Choose any one of these that offers you an optimal web security within the budget you can afford.

EV SSL Certificate

An EV SSL Certificate (Extended Validation SSL Certificate) is more than just a transaction protector. Apart from creating secure transactions, it also reassures visitors about the business a site conducts. If you are using an EV SSL Certificate, your website displays a green URL. This assures customers that the site is verified to be genuinely of the owner who claims to own it and hence could be trusted and relied upon.

Instant SSL Certificate

An Instant SSL Certificate is one of the most cost-effective fast-installed SSL Certificate to secure a webserver. Customers could be assured about a complete security of the transaction data till it reaches the intended webserver.

Essential SSL Certificate

An Essential SSL Certificate is highly trusted in the industry as a quick, reliable solution for web security. It can be of significant value to you if you are an e-merchant as it secures E-commerce sites in no time.

Wildcard SSL Certificate

A Wildcard SSL Certificate can help you if you want to secure your multiple sub-domains over multiple servers all by one single certificate. It saves you time and money over buying and managing of individual certificates for every sub-domain.

Code Signing Certificate

A Code Signing Certificate facilitates the protection of software code and content for the software publishers and the users downloading it. It typically allows the software developers to include their digital signatures and information with the software. Due to this, customers purchasing the software online get assured of its genuine source and an unaltered code.

26
November
2010

Security has always been a big question where money is involved. As website security is a vital issue with online transactions, you, as an end user, would always seek a complete security assurance before making a purchase or paying for a service on the internet. You should, therefore, make sure that you are on a “secure” site and go ahead with your transaction only if it uses an SSL Certificate!

Online paying facility has come up as an exciting reality due to a blend of technology and cyberspace. Just by entering a few details on a website, you can book services online. Different websites allow using credit/debit card or other payment gateways to pay for their offerings. This trend has facilitated internet retail businesses, Ecommerce, banking, hotel, tours and travels, and many other industries. But at the customer’s end, things are a bit different. Can I trust this site? What if it’s a counterfeit business? Should I route my credit card details on the web for a transaction? What if my confidential data gets into the wrong hands? It is quite obvious that they have these concerns because if there is any loss it is to them. Be it an online shopper or an individual booking a railway or a bus ticket online or the one paying fees at an institution’s website, concerns are more or less the same with “security” as the root cause.

SSL is quite a buzz among the internet users, so most people know how secure online deals are made possible. SSL (secure sockets layer) is the method ensuring safe and secure deals between the customer and an eBusiness. It functions through the encryption routines and programs that are discovered about the internet host and browser. SSL Certificates make use of technology that runs a cryptographic protocol to hide information provided to a site by converting it to a scrambled form till it reaches the server that requested it. This prevents any eavesdropping and tampering with the transaction-specific data entered by a site user, and the user can be sure that no one will be able to intercept his sensitive data. Also, if a site is using a valid SSL Certificate, it can be understood that it is operating legally and is not a fraud business. This is because SSL Certificate selling authorities, called CAs, are used to verify the businesses for their authenticity and reliability before they issue a cert.

Such a security measure is highly useful while purchasing software directly from a website. Customers need to be assured that the code they are downloading from that site is intact on its integrity and has not been altered or tampered with in the transit. A Code Signing Certificate can help the business by assuring the software downloader that the software comes from the authentic source and its code is not altered since it has been created.

Thus, there is just one answer to all website security needs, and that is SSL Certificate. Though it works behind the scene, there are indicators to show that a site provides SSL security. An “https” in the URL and a padlock sign on the “https” web page are the common SSL signs customers look for. Make sure that these signs are present on the web page asking your details and get assured of your transaction safety.

2
November
2010

No physical barriers exist anymore if we look at how things work in the seamless world of internet. Services and goods are not region-bound anymore, and you can shop around anywhere just sitting at wherever you are. It’s all so convenient and thrilling for the users. But, any new trend has its own setbacks, and this one has it too. The online shops or any other websites where personal information traverses from server to server for payments or other dealings are unsafe to process any customer data until they gain ability to secure online transmissions with a protection called SSL Certificate.

Today’s internet users are much informed of the security threats websites are prone to get trapped into, such as hacking and phishing. In the absence of SSL security, they will not enter any sensitive data like credit card data or bank account details to process a transaction and the owners will not make any business online. Today, not only Ecommerce sites need SSL Certificates, but any website either receiving or sending confidential data or mails is in need of this data safeguarding method.

The online world, inclusive of the web owners, net users, and online shoppers, has accepted SSL Certificates as highly reliable in terms of web security. Few prominent Certificate Authorities (CAs) from where web owners can purchase SSL Certificates are VeriSign, Comodo, and Thawte. Your website carries some signs of the agency that issued the SSL Certificate, and therefore, if purchased from a reputed certificate-issuing authority, a higher level of trust and security assurance is conveyed to the users looking for SSL indicators.

To stay safe and secure on the web, the use of SSL Certificate can’t be done away with. Its unique encryption method culminates into complete secure transactions, making web owners and customers feel confident with their online dealings.

19
October
2010

An SSL Certificate (Secure Socket Layer Certificate) is installed on a website to secure any information that it processes. The purpose of employing this security measure is to protect any sensitive data that’s exchanged for an online dealing. Data, such as credit card or bank account details, is often demanded from the customers making online payments. A site enabled with SSL security is only trusted for divulging such data as it protects the information throughout its transition from one server to the other (from customer to owner) and prevent any data theft.

Installing an SSL Certificate without any mistakes will make your site perform its security function in an error-free manner and also save you from some unexpected future happenings. The following tips can help you accomplish this:

Understanding your requirements for SSL installation

–>> Choose an SSL Certificate of a type and grade according to your website security need. The prices vary, and the stronger you want your SSL Certificate to be, the costlier it becomes. In case you accept credit card payments directly from the server, you will need to contact your bank or credit card payment gateway and ask for the SSL requirements.

–>> Your server should be capable of establishing secure connections. It’s least bothering as all modern servers are capable of it.

–>> You need a dedicated IP address for SSL installation. If you are on a shared hosting plan, you need to obtain this from your hosting company. If not for free, they will charge just a tiny monthly fee to move you to a dedicated IP address.

–>> To actually start with an installation, you will first need to generate a CSR (Certificate Signing Request). Before this, you may require to generate a CSR key if it’s your first SSL installation on the site. Your server’s control panel is the place where you can do both these tasks.

Installing an SSL Certificate

–>> You might want to remain in line with your site’s SEO while choosing the domain name for SSL enablement. You may want to include “www.” with the domain name for the sake of consistency and to go with the industry standard.

–>> Be careful with the selection of a CSR key if you have more than one option (the one you want most likely is “www.”).

–>> Copy and paste the CSR from the page displaying it into Notepad (a regular word processor like MS Word may mess it up).

–>> The CSR should be properly copied the way it is. It looks something like:

—–BEGIN CERTIFICATE REQUEST—–

***Several lines of random-looking characters***

—–END CERTIFICATE REQUEST—–

Make sure that there is no loss of characters while you copy the CSR from its original source (the dashes and other characters as indicated above).

–>> Different SSL vendors will have their different ways instructing you on configuring your SSL Certificate. Pasting your CSR into one field and your contact information in as many as three places will be required. The contact information will need inputs such as certificate owner’s name, address, email address, etc. The technical and billing contact requirements for most vendors are the same as these.

–>> The email address you provide when you submit your CSR and contact information must be authoritative for the domain or server (a common version is admin@mydomainname.org where mydomainname.org is the domain for which the certificate will be installed). This is the address where you will receive an email from the CA for transaction approval.

–>> The certificate mailed to the requester looks much like the CSR but is a little larger. Installation of the certificate is usually done in two ways. Either you are required to paste the certificate (along with CA Bundle if applicable) into a field on the server or upload the certificate directly from the file located on your computer and let the server install it. Make sure that if you copy and paste the certificate into the field then it includes all the characters as in the original source. It will appear something like this:

—–BEGIN CERTIFICATE—–

***Several lines of random-looking characters***

—–END CERTIFICATE—–

Good luck with your SSL Certificate installation!

« Older Entries