| SSL ("Secured Socket Layer") is a
| |
| | certificates have specific functions,
|
| protocol used to encrypt the
| |
| | like securing a number of different
|
| communication between the user's browser
| |
| | subdomains simultaneously (a "wildcard"
|
| and the web server. When SSL is active,
| |
| | certificate), but the effective
|
| a "little padlock" appears on the user's
| |
| | differences between basic single site
|
| browser, usually in the status line at
| |
| | certificates are very slight, despite the
|
| the bottom (at the top for Mac/Safari
| |
| | wide range of prices:
|
| users.)
| |
| |
|
|
| |
| | The encryption mechanism used by all of
|
| This assures the user that sensitive
| |
| | them is the same, and most use the same
|
| data (such as credit card numbers) can't
| |
| | key length (which is an indicator of the
|
| be viewed by anyone "sniffing" the
| |
| | strength of the encryption) common to
|
| network connection (which is an
| |
| | most browsers (128 bit).
|
| increasing risk as more people use
| |
| |
|
| wireless networking).
| |
| | Some of them ("chained root"
|
|
| |
| | certificates) are slightly more of a pain
|
| Common web site owner questions about
| |
| | for your web host to install than others
|
| SSL:
| |
| | ("single root" certificates), but this is
|
|
| |
| | pretty much invisible to the site owner.
|
|
| |
| |
|
| How do I get the little padlock on my
| |
| | The amount of actual checking on the
|
| site?
| |
| | ownership of the domain varies wildly
|
|
| |
| | between vendors, with some (usually the
|
| To get the little padlock, your site
| |
| | more expensive) wanting significant
|
| must have an SSL Certificate from a
| |
| | documentation (like a D&B number), and
|
| Certificate Authority. Once an SSL
| |
| | others handling it with an automated
|
| Certificate has been purchased and
| |
| | phone call ("press #123 if you've just
|
| installed, it provides three things:
| |
| | ordered a certificate").
|
|
| |
| |
|
|
| |
| | Some of them offer massive monetary
|
| The ability to show a page in "Secure
| |
| | guarantees as to their security (we'll
|
| Mode", which encrypts the traffic between
| |
| | pay you oodles of dollars if someone
|
| the browser and the server, as indicated
| |
| | cracks this code), but since it's all the
|
| by the "little padlock" on the user's
| |
| | same encryption mechanism, if someone
|
| browser. A guarantee by the issuing
| |
| | comes up with a crack, all e-commerce
|
| Certificate Authority that the domain
| |
| | sites will be scrambling, and the odds of
|
| name the certificate was issued for is
| |
| | that vendor actually having enough cash
|
| indeed owned by the specific company or
| |
| | to pay all of its customers their oodle
|
| individual named in the certificate
| |
| | is probably slim.
|
| (visible if the user clicks on the little
| |
| |
|
| padlock). An assurance that the domain
| |
| | The fact is that you are buying the
|
| name the certificate was issued for is
| |
| | certificate to insure the safety of the
|
| the domain name the user's browser is now
| |
| | user's data, and to make the user
|
| on.
| |
| | confident that his or her data is secure.
|
|
| |
| | For the vast majority of users, simply
|
|
| |
| | having the little padlock show up is all
|
| Once obtained, the certificate must be
| |
| | they are looking for. There are
|
| installed on the web server by your web
| |
| | exceptions (I have a client in the bank
|
| host. Since your web host also has to
| |
| | software business, and they feel that
|
| generate an initial cypher key to obtain
| |
| | their customers (bank officers) are
|
| the certificate, very often they will
| |
| | looking for a specific premier name on
|
| offer to handle the process of obtaining
| |
| | the SSL certificate, so are happy to
|
| the certificate for you.
| |
| | continue using the expensive one), but
|
|
| |
| | most e-commerce customers do not pick
|
| My web host has a "shared certificate"
| |
| | their sellers based on who issued their
|
| that I can use. Should I?
| |
| | SSL Certificates.
|
|
| |
| |
|
| It's still fairly common for small sites
| |
| | My advice is to buy the cheaper one.
|
| to use a shared certificate from the
| |
| |
|
| host. In this circumstance, when a page
| |
| | I have an SSL certificate -- why
|
| needs to be shown in secured mode, the
| |
| | shouldn't I serve all my pages in
|
| user is actually sent to a domain owned
| |
| | "Secured" mode?
|
| by the web host, and then back to the
| |
| |
|
| originating domain afterwards.
| |
| | Because SSL has an overhead -- more data
|
|
| |
| | is sent with a page that is encrypted
|
| A few years ago, when SSL Certificates
| |
| | than a page that isn't. This translates
|
| were quite expensive (around $400 per
| |
| | to your site appearing to run slower,
|
| year), this was real attractive for new
| |
| | particularly for users who are on dial-up
|
| sites just getting their feet wet in
| |
| | or other slow connections. Since this
|
| e-commerce. Today, with a number of
| |
| | also increases the total amount of data
|
| perfectly functional SSL certificates
| |
| | transfered by your site, if your web host
|
| available for under $100 (exclusive of
| |
| | charges by transfer volume (or has an
|
| installation, etc.), it is a lot less
| |
| | overage fee, as most do), this can
|
| attractive. Since your user can look a
| |
| | increase the size of your monthly hosting
|
| the address line of his or her web
| |
| | bill.
|
| browser and see that the site asking for
| |
| |
|
| the credit card number is not the site he
| |
| | The server should go into secure mode
|
| or she thought they were on, the cost
| |
| | when asking a user for financial or other
|
| savings is probably not worth the risk of
| |
| | sensitive data (which may well be "name,
|
| scaring off a sale.
| |
| | address and phone number", with today's
|
|
| |
| | risk of identity theft), and operate in
|
| What's the difference between the
| |
| | normal mode otherwise.
|
| expensive SSL Certificates and the
| |
| | Updates to this article, and many other
|
| inexpensive ones?
| |
| | great articles and tutorials for small
|
|
| |
| | business web site owners can be found at
|
| Usually, mostly price. Some expensive
| |
| | Insanely Great Sites!
|
