SlideShare a Scribd company logo

Beginners guide to_ssl_certificates

S
Sainath Kesavan
TechnologyEducation
1 of 8
Download to read offline
SSL CERTIFICATES BEGINNER’S GUIDE TO WHITE PAPER: White Paper Beginner’s Guide to SSL Certificates Making the Best Choice When Considering Your Online Security Options
White Paper: Beginner’s Guide to SSL Certificates Beginner’s Guide to SSL Certificates Making the Best Choice When Considering Your Online Security Options CONTENTS Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 What is an SSL Certificate? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 How Does SSL Encryption Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 How Do I Know That a Site Has a Valid SSL Certificate? . . . . . . . . . . . . . . 4 Where Would I Use an SSL Certificate? . . . . . . . . . . . . . . . . . . . . . . . . 5 Different Types of SSL Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Tech Talk Made simple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2
White Paper: Beginner’s Guide to SSL Certificates Introduction Whether you are an individual or a company, you should approach online security SSL stands for “Secure Socket in the same way that you would approach physical security for your home or Layer.” It is a technology that business. Not only does it make you feel safer but it also protects people who establishes a secure session visit your home, place of business, or website. It is important to understand the link between the visitor’s web potential risks and then make sure you are fully protected against them. In the browser and your website so that fast-paced world of technology, it is not always easy to stay abreast of the latest all communications transmitted advancements. For this reason it is wise to partner with a reputable Internet through this link are encrypted and security company. are, therefore, secure. SSL is also used for transmitting secure email, This guide will de-mystify the technology involved and give you the information secure files, and other forms of you need to make the best decision when considering your online security options. information. For a glossary of terms, please see “Tech Talk Made Simple” at the end of this document. Would you send your private information or banking details to What Is an SSL Certificate? someone on the back of a postcard? An SSL certificate is a digital computer file (or small piece of code) that has two specific functions: 1. uthentication and Verification: The SSL certificate has information about A the authenticity of certain details regarding the identity of a person, business or website, which it will display to visitors on your website when they click on the browser’s padlock symbol or trust mark (e.g., the Norton™ Secured Seal). The SSL creates a safe and private vetting criteria used by Certificate Authorities to determine if an SSL certificate channel for you to communicate. should be issued is most stringent with an Extended Validation (EV) SSL certificate; making it the most trusted SSL certificate available. 2. ata Encryption: The SSL certificate also enables encryption, which means that D the sensitive information exchanged via the website cannot be intercepted and read by anyone other than the intended recipient. In the same way that a identity document or passport may only be issued by the country’s government officials, an SSL certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has to follow very strict rules and policies about who may or may not receive an SSL certificate. When you have a valid SSL certificate from a trusted CA, there is a higher degree of trust by your customers, clients or partners. How Does SSL Encryption Work? In the same way that you lock and unlock doors using a key, encryption makes use of keys to lock and unlock your information. Unless you have the right key, you will not be able to “open” the information. Each SSL session consists of two keys: • he public key is used to encrypt (scramble) the information. T • he private key is used to decrypt (un-scramble) the information and restore it T to its original format so that it can be read. 3
White Paper: Beginner’s Guide to SSL Certificates The Process: Every SSL certificate that is issued for a CA-verified entity is issued for a specific server and website domain (website address). When a person uses their browser to navigate to the address of a website with an SSL certificate, an SSL handshake (greeting) occurs between the browser and server. Information is requested from the server – which is then made visible to the person in their browser window. You will notice changes to indicate that a secure session has been initiated – for example, a trust mark will appear.If you click on the trust mark, you will see additional information such as the validity period of the SSL certificate, the domain secured, the type of SSL certificate, and the issuing CA. All of this means that a secure link is established for that session, with a unique session key, and secure communications can begin. How Do I Know That a Site Has a Valid SSL Certificate? 1. standard website without SSL security displays “http:// ” before the website A address in the browser address bar. This moniker stands for “Hypertext Transfer Protocol,” and is the conventional way to transmit information over the Internet. However, a website that is secured with a SSL certificate will display “https:// ” before the address. This stands for “Secure HTTP.” 2. ou will also see a padlock symbol on the top or bottom of the Internet browser Y (depending on which browser you are using). 3. ften, you will also notice a trust mark displayed on the website itself. O Symantec™ customers use the Norton Secured Seal trust mark on their websites. When you click on the Norton Secured Seal or the padlock symbol on the page, it will display details of the certificate with all the company information as verified and authenticated by the CA. 4. y clicking the closed padlock in the browser window, or certain SSL trust marks B such as the Norton Secured Seal, the website visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an 4
White Paper: Beginner’s Guide to SSL Certificates Extended Validation (EV) SSL certificate is detected. If the information does not match, or the certificate has expired, the browser displays an error message or warning. Where Would I Use an SSL Certificate? The short answer to this question is that you would use an SSL certificate anywhere that you wish to transmit information securely. Here are some examples: • ecuring communication between your website and your customer’s Internet S browser. • ecuring internal communications on your corporate intranet. S • ecuring email communications sent to and from your network (or private email S address). • ecuring information between servers (both internal and external). S • ecuring information sent and received via mobile devices. S Different Types of SSL Certificates There are a number of different SSL certificates on the market today. • he first type of SSL certificate is a self-signed certificate. As the name implies, T this is a certificate that is generated for internal purposes and is not issued by a CA. Since the website owner generates their own certificate, it does not hold the same weight as a fully authenticated and verified SSL certificate issued by a CA. • Domain Validated certificate is considered an entry-level SSL certificate A and can be issued quickly. The only verification check performed is to ensure that the applicant owns the domain (website address) where they plan to use the certificate. No additional checks are done to ensure that the owner of the domain is a valid business entity. • fully authenticated SSL certificate is the first step to true online security and A confidence building. Taking slightly longer to issue, these certificates are only granted once the organization passes a number of validation procedures and checks to confirm the existence of the business, the ownership of the domain, and the user’s authority to apply for the certificate. All Symantec SSL Certificates are fully authenticated. • ven though an SSL certificate is capable of supporting 128-bit or 256-bit E encryption, certain older browsers and operating systems still cannot connect at this level of security. SSL certificates with a technology called Server-Gated Cryptography (SGC) enable 128- or 256-bit encryption to over 99.9 percent of website visitors. Without an SGC certificate on the Web server, browsers and operating systems that do not support 128-bit strong encryption will receive only 40- or 56-bit encryption. Users with certain older browsers and operating systems will temporarily step-up to 128-bit SSL encryption if they visit a website with an SGC-enabled SSL certificate. For more information about SGC please visit: http://go.symantec.com/ssl-certificates. 5
White Paper: Beginner’s Guide to SSL Certificates • domain name is often used with a number of different host suffixes. For this A reason, you may employ a Wildcard certificate that allows you to provide full SSL security to any host of your domain – for example, host.your_domain.com (where “host” varies but the domain name stays constant). • imilar to a Wildcard certificate, but a little more versatile, the SAN (Subject S Alternative Name) SSL certificate allows for more than one domain to be added to a single SSL certificate. • ode signing certificates are specifically designed to ensure that the software C you have downloaded was not tampered with while en route. There are many cybercriminals who tamper with software available on the Internet. They may attach a virus or other malicious software to an innocent package as it is being downloaded. These certificates make sure that this doesn’t happen. • xtended Validation (EV) SSL certificates offer the highest industry standard E for authentication and provide the best level of customer trust available. When consumers visit a website secured with an EV SSL certificate, the address bar turns green (in high-security browsers) and a special field appears with the name of the legitimate website owner along with the name of the security provider that issued the EV SSL certificate. It also displays the name of the certificate holder and issuing CA in the address bar. This visual reassurance has helped increase consumer confidence in e-commerce. Tech Talk Made Simple Encryption: Information is “scrambled” so that it cannot be used by anyone other than the person for whom it is intended. Decryption: “Un-scrambling” information and put it back in its original format. Key: A mathematical formula, or algorithm, that is used to encrypt or decrypt your information. In the same way that a lock with many different combinations is more difficult to open, the longer the length of the encryption key (measured in number of bits), the stronger the encryption. Browser: A software program that you use to access the Internet. Examples include: Microsoft Internet Explorer (IE); Mozilla Firefox, Apple Safari, RockMelt, and Google Chrome. 6
White Paper: Beginner’s Guide to SSL Certificates Conclusion Trust makes all the difference in the world of online business. Investment in technology to protect customers and earn their trust is a critical success factor for any company that does business online or hosts an e-commerce website. The effective implementation of SSL certificates and correct placement and use of trust marks are proven tools in the establishment of customer trust. With the acquisition of VeriSign Authentication Services, Symantec is now the leading provider of SSL certificates globally, helping to assure customers that they are safe from search to browse to buy and sign in*. Symantec secures more than one million web servers worldwide, more than any other CA.* Symantec also secures over two-thirds of websites using Extended Validation SSL – including the biggest names in e-commerce and banking.* When you choose Symantec, you can rest assured that your website and your reputation are protected by the CA with a proven track record and the most recognized trust mark on the Internet. For more information, visit us at http://go.symantec.com/ssl-certificates. *Includes Symantec subsidiaries, affiliates, and resellers. 7
White Paper: Beginner’s Guide to SSL Certificates More Information Visit our website http://go.symantec.com/ssl-certificates To speak with a Product Specialist in the U.S. Call toll-free 1 (866) 893-6565 To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Symantec Corporation World Headquarters 350 Ellis Street Mountain View, CA 94043 USA 1 (866) 893 6565 www.symantec.com Copyright © 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign and other related marks are the trademarks or registered trademarks of VeriSign, Inc. or its affiliates or subsidiaries in the U.S. and other countries and licensed to Symantec Corporation. Other names may be trademarks of their respective owners.

Recommended

Презентация пп
Презентация ппПрезентация пп
Презентация ппАнтон Пак
 
Ppt djy 2011 1 topic 7 atomic structure sl intro
Ppt djy 2011 1 topic 7 atomic structure sl introPpt djy 2011 1 topic 7 atomic structure sl intro
Ppt djy 2011 1 topic 7 atomic structure sl introDavid Young
 
Abbydale&naynay
Abbydale&naynayAbbydale&naynay
Abbydale&naynayblzahirniak
 
Quantum Theory of Investment
Quantum Theory of InvestmentQuantum Theory of Investment
Quantum Theory of InvestmentSainath Kesavan
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 

Recommended

Презентация пп
Презентация ппПрезентация пп
Презентация ппАнтон Пак
 
Ppt djy 2011 1 topic 7 atomic structure sl intro
Ppt djy 2011 1 topic 7 atomic structure sl introPpt djy 2011 1 topic 7 atomic structure sl intro
Ppt djy 2011 1 topic 7 atomic structure sl introDavid Young
 
Abbydale&naynay
Abbydale&naynayAbbydale&naynay
Abbydale&naynayblzahirniak
 
Quantum Theory of Investment
Quantum Theory of InvestmentQuantum Theory of Investment
Quantum Theory of InvestmentSainath Kesavan
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture CodeSkeleton Technologies
 

More Related Content

Recently uploaded

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 

Recently uploaded (20)

Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 

Featured

AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at WorkGetSmarter
 

Featured (20)

AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...
 
12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work12 Ways to Increase Your Influence at Work
12 Ways to Increase Your Influence at Work
 
ChatGPT webinar slides
ChatGPT webinar slidesChatGPT webinar slides
ChatGPT webinar slides
 
More than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike RoutesMore than Just Lines on a Map: Best Practices for U.S Bike Routes
More than Just Lines on a Map: Best Practices for U.S Bike Routes
 

Beginners guide to_ssl_certificates

  • 1. SSL CERTIFICATES BEGINNER’S GUIDE TO WHITE PAPER: White Paper Beginner’s Guide to SSL Certificates Making the Best Choice When Considering Your Online Security Options
  • 2. White Paper: Beginner’s Guide to SSL Certificates Beginner’s Guide to SSL Certificates Making the Best Choice When Considering Your Online Security Options CONTENTS Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 What is an SSL Certificate? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 How Does SSL Encryption Work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 How Do I Know That a Site Has a Valid SSL Certificate? . . . . . . . . . . . . . . 4 Where Would I Use an SSL Certificate? . . . . . . . . . . . . . . . . . . . . . . . . 5 Different Types of SSL Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Tech Talk Made simple . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 2
  • 3. White Paper: Beginner’s Guide to SSL Certificates Introduction Whether you are an individual or a company, you should approach online security SSL stands for “Secure Socket in the same way that you would approach physical security for your home or Layer.” It is a technology that business. Not only does it make you feel safer but it also protects people who establishes a secure session visit your home, place of business, or website. It is important to understand the link between the visitor’s web potential risks and then make sure you are fully protected against them. In the browser and your website so that fast-paced world of technology, it is not always easy to stay abreast of the latest all communications transmitted advancements. For this reason it is wise to partner with a reputable Internet through this link are encrypted and security company. are, therefore, secure. SSL is also used for transmitting secure email, This guide will de-mystify the technology involved and give you the information secure files, and other forms of you need to make the best decision when considering your online security options. information. For a glossary of terms, please see “Tech Talk Made Simple” at the end of this document. Would you send your private information or banking details to What Is an SSL Certificate? someone on the back of a postcard? An SSL certificate is a digital computer file (or small piece of code) that has two specific functions: 1. uthentication and Verification: The SSL certificate has information about A the authenticity of certain details regarding the identity of a person, business or website, which it will display to visitors on your website when they click on the browser’s padlock symbol or trust mark (e.g., the Norton™ Secured Seal). The SSL creates a safe and private vetting criteria used by Certificate Authorities to determine if an SSL certificate channel for you to communicate. should be issued is most stringent with an Extended Validation (EV) SSL certificate; making it the most trusted SSL certificate available. 2. ata Encryption: The SSL certificate also enables encryption, which means that D the sensitive information exchanged via the website cannot be intercepted and read by anyone other than the intended recipient. In the same way that a identity document or passport may only be issued by the country’s government officials, an SSL certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has to follow very strict rules and policies about who may or may not receive an SSL certificate. When you have a valid SSL certificate from a trusted CA, there is a higher degree of trust by your customers, clients or partners. How Does SSL Encryption Work? In the same way that you lock and unlock doors using a key, encryption makes use of keys to lock and unlock your information. Unless you have the right key, you will not be able to “open” the information. Each SSL session consists of two keys: • he public key is used to encrypt (scramble) the information. T • he private key is used to decrypt (un-scramble) the information and restore it T to its original format so that it can be read. 3
  • 4. White Paper: Beginner’s Guide to SSL Certificates The Process: Every SSL certificate that is issued for a CA-verified entity is issued for a specific server and website domain (website address). When a person uses their browser to navigate to the address of a website with an SSL certificate, an SSL handshake (greeting) occurs between the browser and server. Information is requested from the server – which is then made visible to the person in their browser window. You will notice changes to indicate that a secure session has been initiated – for example, a trust mark will appear.If you click on the trust mark, you will see additional information such as the validity period of the SSL certificate, the domain secured, the type of SSL certificate, and the issuing CA. All of this means that a secure link is established for that session, with a unique session key, and secure communications can begin. How Do I Know That a Site Has a Valid SSL Certificate? 1. standard website without SSL security displays “http:// ” before the website A address in the browser address bar. This moniker stands for “Hypertext Transfer Protocol,” and is the conventional way to transmit information over the Internet. However, a website that is secured with a SSL certificate will display “https:// ” before the address. This stands for “Secure HTTP.” 2. ou will also see a padlock symbol on the top or bottom of the Internet browser Y (depending on which browser you are using). 3. ften, you will also notice a trust mark displayed on the website itself. O Symantec™ customers use the Norton Secured Seal trust mark on their websites. When you click on the Norton Secured Seal or the padlock symbol on the page, it will display details of the certificate with all the company information as verified and authenticated by the CA. 4. y clicking the closed padlock in the browser window, or certain SSL trust marks B such as the Norton Secured Seal, the website visitor sees the authenticated organization name. In high-security browsers, the authenticated organization name is prominently displayed and the address bar turns green when an 4
  • 5. White Paper: Beginner’s Guide to SSL Certificates Extended Validation (EV) SSL certificate is detected. If the information does not match, or the certificate has expired, the browser displays an error message or warning. Where Would I Use an SSL Certificate? The short answer to this question is that you would use an SSL certificate anywhere that you wish to transmit information securely. Here are some examples: • ecuring communication between your website and your customer’s Internet S browser. • ecuring internal communications on your corporate intranet. S • ecuring email communications sent to and from your network (or private email S address). • ecuring information between servers (both internal and external). S • ecuring information sent and received via mobile devices. S Different Types of SSL Certificates There are a number of different SSL certificates on the market today. • he first type of SSL certificate is a self-signed certificate. As the name implies, T this is a certificate that is generated for internal purposes and is not issued by a CA. Since the website owner generates their own certificate, it does not hold the same weight as a fully authenticated and verified SSL certificate issued by a CA. • Domain Validated certificate is considered an entry-level SSL certificate A and can be issued quickly. The only verification check performed is to ensure that the applicant owns the domain (website address) where they plan to use the certificate. No additional checks are done to ensure that the owner of the domain is a valid business entity. • fully authenticated SSL certificate is the first step to true online security and A confidence building. Taking slightly longer to issue, these certificates are only granted once the organization passes a number of validation procedures and checks to confirm the existence of the business, the ownership of the domain, and the user’s authority to apply for the certificate. All Symantec SSL Certificates are fully authenticated. • ven though an SSL certificate is capable of supporting 128-bit or 256-bit E encryption, certain older browsers and operating systems still cannot connect at this level of security. SSL certificates with a technology called Server-Gated Cryptography (SGC) enable 128- or 256-bit encryption to over 99.9 percent of website visitors. Without an SGC certificate on the Web server, browsers and operating systems that do not support 128-bit strong encryption will receive only 40- or 56-bit encryption. Users with certain older browsers and operating systems will temporarily step-up to 128-bit SSL encryption if they visit a website with an SGC-enabled SSL certificate. For more information about SGC please visit: http://go.symantec.com/ssl-certificates. 5
  • 6. White Paper: Beginner’s Guide to SSL Certificates • domain name is often used with a number of different host suffixes. For this A reason, you may employ a Wildcard certificate that allows you to provide full SSL security to any host of your domain – for example, host.your_domain.com (where “host” varies but the domain name stays constant). • imilar to a Wildcard certificate, but a little more versatile, the SAN (Subject S Alternative Name) SSL certificate allows for more than one domain to be added to a single SSL certificate. • ode signing certificates are specifically designed to ensure that the software C you have downloaded was not tampered with while en route. There are many cybercriminals who tamper with software available on the Internet. They may attach a virus or other malicious software to an innocent package as it is being downloaded. These certificates make sure that this doesn’t happen. • xtended Validation (EV) SSL certificates offer the highest industry standard E for authentication and provide the best level of customer trust available. When consumers visit a website secured with an EV SSL certificate, the address bar turns green (in high-security browsers) and a special field appears with the name of the legitimate website owner along with the name of the security provider that issued the EV SSL certificate. It also displays the name of the certificate holder and issuing CA in the address bar. This visual reassurance has helped increase consumer confidence in e-commerce. Tech Talk Made Simple Encryption: Information is “scrambled” so that it cannot be used by anyone other than the person for whom it is intended. Decryption: “Un-scrambling” information and put it back in its original format. Key: A mathematical formula, or algorithm, that is used to encrypt or decrypt your information. In the same way that a lock with many different combinations is more difficult to open, the longer the length of the encryption key (measured in number of bits), the stronger the encryption. Browser: A software program that you use to access the Internet. Examples include: Microsoft Internet Explorer (IE); Mozilla Firefox, Apple Safari, RockMelt, and Google Chrome. 6
  • 7. White Paper: Beginner’s Guide to SSL Certificates Conclusion Trust makes all the difference in the world of online business. Investment in technology to protect customers and earn their trust is a critical success factor for any company that does business online or hosts an e-commerce website. The effective implementation of SSL certificates and correct placement and use of trust marks are proven tools in the establishment of customer trust. With the acquisition of VeriSign Authentication Services, Symantec is now the leading provider of SSL certificates globally, helping to assure customers that they are safe from search to browse to buy and sign in*. Symantec secures more than one million web servers worldwide, more than any other CA.* Symantec also secures over two-thirds of websites using Extended Validation SSL – including the biggest names in e-commerce and banking.* When you choose Symantec, you can rest assured that your website and your reputation are protected by the CA with a proven track record and the most recognized trust mark on the Internet. For more information, visit us at http://go.symantec.com/ssl-certificates. *Includes Symantec subsidiaries, affiliates, and resellers. 7
  • 8. White Paper: Beginner’s Guide to SSL Certificates More Information Visit our website http://go.symantec.com/ssl-certificates To speak with a Product Specialist in the U.S. Call toll-free 1 (866) 893-6565 To speak with a Product Specialist outside the U.S. For specific country offices and contact numbers, please visit our website. About Symantec Symantec is a global leader in providing security, storage, and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. Symantec Corporation World Headquarters 350 Ellis Street Mountain View, CA 94043 USA 1 (866) 893 6565 www.symantec.com Copyright © 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. VeriSign and other related marks are the trademarks or registered trademarks of VeriSign, Inc. or its affiliates or subsidiaries in the U.S. and other countries and licensed to Symantec Corporation. Other names may be trademarks of their respective owners.