1. What is a Web-Certificate?
A Web Server Certificate permits securer communication between a client and a server (say a customer’s browser and a web retailer’s server) or two servers (any servers who want to “talk” securely amongst themselves). Simply stated, a web-certificate is a digital document that has unique codes to identify the holder of the certificate to the person accessing the site.A Personal Certificate is issued to individuals to certify their identity. One can use them to digitally sign email, documents, jar files etc. to prove that they were the author, and that the files have not been tampered with.
Total Web Designs will be offering web certificates. Personal Certificates may be offered at a later time along with other security products.
2.How does a web-certificate work?
A Web-certificate functions as follows:
- Whenever anybody transacts with a “secure” web-site, their browser (or server) authenticates the identity of the web-site using the web-certificate
- If the site’s certificate is not valid, a warning is issued to the user, otherwise the web-cert creates an SSL (Secure Server Layer) session and encrypts any information exchanged during that session
- This prevents communication from being intercepted and deciphered by nefarious people on the Internet.
3. Can you explain “how a web certificate works” in “Plain English”?
Basically, when two parties (say a customer and the Amazon.com web-site) wish to “talk” securely (transfer the customer’s credit-card number to Amazon.com), then a web-certificate sets up a “secure” session that first verifies the true identity of the party that requests data transfer (Amazon.com).
If a certificate is valid, the other party (the customer) gets a message saying that its OK to “talk” to them (Amazon.com), as they are who they say they are. The other party (customer) then transfers the info (CC number) securely, without fear of any nefarious elements intercepting the data.
If the certificate is invalid, a message pops up saying so. Transactions can still occur, but at the risk of counter party fraud (It may be joesbooks.com tying to appear as Amazon.com)
4. How can someone tell whether a website is using a web certificate or not?
The pages of a web-site which are secured by a web-certificate are characterized by the following traits:
- The URL of the secure web-pages change from http://… to https://
- A lock symbol appears in the lower left-hand (right hand) status bar in Internet Explorer.
- A lock symbol appears in the beginning of the Web Browser Address Bar
If one wants to view and verify the encryption information of the secure pages, one should simply undertake the following:
- In Google Chrome – click on the lock symbol above and select “View Certificate” button
- In Internet Explorer – double-click on the lock in the lower right-hand status bar.
5. How are your web certificates trusted by the browsers?
Our web certificates are automatically and transparently trusted by browsers. This trust is established because our supplier’s Root Certificate has been embedded in all major browsers.
6. What browsers will my web certificate work with?
The web certificates we issue work with 99% of the browsers in use today.
7. How do your web certificates work for different versions of browsers?
Cross Certification: The process by which two Certificate Authorities (CA) certify each other’s trustworthiness.
8. How long does it take to get a web certificate?
Companies will usually receive a web certificate within the same day or up to 1 week after the an approval process has been complete. The verification period varies and relies greatly on the information provided by the company during the application process. For EV SSL (Extended Validation SSL) the entire process can take up to 1 week or longer.
9. How strong are your server certificates?
Our server certificates are 2048 bit capable.
10. Is my web certificate tied to my IP address?
No, server certificates do not contain any information about IP addresses. However, the domain name listed in the server certificate must match the domain name of the server on which the Web server certificate is installed. The domain name can be mapped to any IP address.
11. I am using several servers in a load-balancing configuration. How many web certificates do I need?
You will need one web certificate for each of your secure servers (including any virtual servers).