SSL Certificates, Call us now on 1300 694 678
SSL Certificates
What is a SSL certificate?
The SSL (secure socket layer) protocol is the web standard for encrypting communications between users and web sites. Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides businesses and consumers with the confidence that private data sent to a web site, such as credit card numbers, are kept confidential. Web server certificates are required to initialize an SSL session
Are GeoTrust's certificates 128 bit?
Our certs are all 128-bit. For each and every session, the server and browser negotiate and choose the highest common encryption strength between them. So if a 40-bit browser user hits your SSL-secured site, the resulting connection will automatically become a 40-bit strength encryption.
GeoTrust recommends that end-user Subscribers select the 1024-bit encryption strength or the equivalent descriptor option when generating their certificate requests. When the certificate's key length is 1024 or longer, the SSL session key will be 128 bit. If the certificate key length is 512, the SSL session key will be 40 bit or 56 bit.
If you are running Windows, see Microsoft's bulletin Q300398: "You install a 128-bit high encryption certificate onto Internet Information Server (IIS) version 4.0 or 5.0, then browse with a 128-bit enabled Web browser to IIS by using https://. However, the Web browser only makes a 40-bit or 56-bit Secure Sockets Layer (SSL) session with IIS (size 7927 bytes, updated 6/13/2001 12:54:00 PM GMT)"
Why do I need a separate IP address per domain that I want to secure?
You need to have a separate IP address for each domain you want to secure. The reason for this is because a certificate is bound only to a domain name but, the SSL protocol is bound to static IP addresses; therefore, any certificate-enabled web site must have its own unique IP address. The IP can be real (routable) or internal (RFC 1918 non-routable address) and it must be unique on a server.
How does a server certificate work?
The end-user's browser requests a secure channel (via "https:") from the server, and then - if the server has a cert - the browser and the server negotiate their highest common encryption strength (e.g., 128-bits), and then exchange the corresponding encryption keys (this exchange is normally done using 1024-bit encryption strength). The 128-bit encryption key is then used for this particular instance of SSL, for all from-to exchanges between the browser and the server. The next https session will have a new session key.
The certificate guarantees the security of the connection between the browser and the server. Once data is in the server, it is up to the server admin to make sure the data remains protected
What web browser programs are compatible with QuickSSL?
QuickSSL is compatible with Microsoft Internet Explorer 5.01 and higher, Netscape/AOL web browsers version 4.51 and higher, and Opera 7, comprising an estimated 98% or more of all web browsers in use today (this information can also be found at http://www.geotrust.com/quickssl/browsers/index.htm). All other commonly used browsers may connect securely with web servers using QuickSSL certificates. However, some older browsers may display a dialogue box indicating that the certificate is not trusted. This means that the certificated is not located in the browser certificate store and, in most cases, the user will be prompted to install it with a few clicks of their mouse.
Digital Pacific Pty Ltd - Web Hosting Australia © 2000 - 2008 | Privacy Policy | Terms and Conditions | Resource Links