Knowledgebase: SSL Certificates

SSL FAQ

Posted by on September 04 2015 01:33 PM

Q: What is an SSL Certificate? Do I need one?

A: SSL (Secure Sockets Layer) is a security protocol which enables data encryption between servers, websites, and web clients. SSL allows sensitive information such as credit card numbers or login credentials to be transmitted securely over the internet. Normally, data sent over the internet is in plain text, which means it can be intercepted in transit. If you have a website that requests confidential or personal information, you will generally want an SSL certificate to protect your site, and your site visitors.

Q: What is encryption and why are there different levels?

A: Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Just like a longer password is more secure than a shorter one, a larger key has more possible combinations, making it more secure. As a reference point, 128-bit encryption is one trillion times stronger than 40-bit encryption. The strength of an encrypted connection can depend on multiple things, such as your web browser, SSL certificate, web server, and client computer operating system.

Q: What is the difference between a regular and a wildcard SSL certificate?

A: If you purchase the regular SSL for your domain, it will cover both your www. and non-www. site (i.e. yourdomain.com and www.yourdomain.com). All other subdomains will not be covered (for instance, blog.yourdomain.com would still be unsecured). With a wildcard SSL certificate, you would place an order for *.yourdomain.com, and it will secure all subdomains for your domain name.

Q: What is a CSR?

A:A CSR, or Certificate Signing Request, is an encrypted block of text that contains information to be included in your SSL certificate, such as your domain name, organization name, locality, and country. When the CSR is generated, it is paired with a private key that will be used during installation to verify the certificate is valid.

Q: What is a public/private key pair?

A: Each SSL certificate contains a public and a private key. The private key is installed with the certificate on the web server, and should not be shared with anyone outside your organization. The public key is incorporated into the SSL certificate and is shared with web browsers when viewing your site.

Q: How do my site visitors know if I am using an SSL?

A: When your web browser connects to a secured website, it retrieves your site's SSL certificate and checks multiple items to ensure the SSL is valid and being used on the correct domain. If any of these conditions is not met, you will see an error. If all these conditions are met, your web browser will show one or more of these signs:

  • The beginning of the URL will change from http:// to https://
  • A padlock on the browser will change from open to closed
  • The address bar will turn green

Q: I received an email asking me for documentation to prove I own my website. Is this necessary?

A: When you submit an SSL order, you may be contacted with a request for further documentation that proves you own, or have a legal right to use, the domain name in question. You may also be asked to validate that your organization is a legitimate, legally accountable entity. These measures are in place to assist in ensuring your security as a website owner and the security of those who visit your website, and to prevent fraud.

If you have any further questions that were not answered in this article, please contact us.


Copyright © 2016 HostMySite