ConfigServer Security and Firewall. Providing Better Security For Your Website
SSL certificates are used on the Internet for securing all the data sent between web servers, devices, clouds, phones, computers, etc. SSL certificates are essential in the Encryption of communications using SSL and TLS. You can not have secure communications without these.
SSL Certificates are a set of files that enable the Web Server to provide asymmetric encryption with any connecting computers, devices, or other Servers (also known as the client). These SSL files include:
• Signing Request: A file ending in a .CSR extension which is presented to a 3rd party and which is used by that 3rd party to generate the public key
• Private Key: A file ending in a .key extension which is installed on the server, which is kept secret and secure
• Public Key: A file ending in a .CRT extension which is installed on the web server, but which is downloaded to any connecting device (client). You receive a copy of this file without interference with the security of the system
• Intermediate Certificates. Additional files provided by 3rd parties that generated and signed your "public key". These are public files and need to be installed on the web server so that connecting devices can properly verify your site’s identity. If you forget to install this, anyone connecting to your website may get SSL warnings.
Transport Layer Security (TLS) and Secure Sockets Layer (SSL), both of which are frequently referred to as SSL Certs. These are cryptographic protocols designed to provide communications security over the Internet and or computer network. Several versions of the protocols are in widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and Voice over Internet Protocol (VoIP). The main aim of the TLS Protocol is to provide privacy and data integrity between two communicating applications or programs.
If the web address or URL of the page contains https:// instead of http://, then the page was loaded with an SSL Secured Connection. Most Browsers also display a padlock symbol to indicate encrypted sites and pages. Clicking on the padlock icon to view more information about the encryption certificate.
The "public key" file of your SSL certificate contains important pieces of information, such as
• Information for encrypting data
• Information about your Domain and possibly also your company
• Dates that the certificate is valid and when it expires
• Information about what company or organization if applicable signed the public key.
The private key information for your SSL Certificates contain only information for encrypting data. It does not expire or have any details regarding your company or domain name. The Signing Request contains all the same information as the public key, except for information about who has signed it.
This is a certificate in which you have signed the certificate, (e.g., when either you and or your hosting company created it). These certificates are free and anyone can make them with any information within regarding company, organization, and domain.
But anyone who connects to a web server using a self-signed certificate will receive a significant warning message that the Server it is connecting to may not be trusted and that you should only proceed with extreme caution. Self Signed Certificates are usually used for Services hosted inside your own corporate network, where you control who has access and your staff trusts your own certificates. Public services where the users care only about the fact that the data is encrypted and which do not care who is on the other end of the data stream (this is rare).
A company that signs your certificate must first verify your right to the certificate in question. Then they add the appropriate information to the certificate to see that they have verified your ownership of and right to this SSL certificate. They check that the domain name in the certificate is actually owned by you, and the people in charge of the domain approve the creation of this SSL cert. If there is information about your organization (e.g., your company name) in the certificate, then this must also be verified. Be careful of certificates signed by very cheap SSL providers.
With RSH Web Services website hosting accounts, a free SSL certificate is available. Making it easier to build a secure Internet. We are excited to deliver these new features, and we hope that they advance both the business of web hosting and the security of online communications. These certs from cPanel are already set up and install to your hosting account and ready to go, just type in the "HTTPS" before your domain name.
Single-domain SSL certificates provide security for a single fully qualified domain name. The straightforward nature of Single Domain SSL Certificates is an ideal solution for any small, medium, and large sized website. Ensure your visitors and customers that they are quite safe on your website.
A wild card certificate covers a wide range of domains. This certificate covers all direct subdomains of a given domain. For example, it can cover "domain.rshweb.com", "support.rshweb.com", "mail.rshweb.com", and pretty much any name put in front of your domain you want or need. The benefits of a wild card certificate are you only need to buy 1 SSL certificate to cover numerous domains. While wild card certificates are more expensive, in general, they are a good value if you have different names to protect.
A Unified Communications Certificate (UCC) is an SSL certificate that secures multiple domain names and multiple host names within a domain name. A UCC lets you secure a primary domain name and up to 99 additional Subject Alternative Names (SANs) in a single certificate.
Why does it turn the browser green?
An EV certificate is an Extended Validation SSL Certificate. For these, the 3rd party signer goes through a significant effort to verify the company and domain in the certificate. Visiting a site that has an EV certificate generates a high degree of trust that the site is really the one you are trying to connect to. As a result, most web browsers identify this with a green address bar.
No, adding an SSL certificate to a Website does not make the entire site secure. Once you have an SSL Certificate for your website, you need to ensure that web pages that require security are only accessed over SSL or HTTPS. You will need to link to them with https:// and not http://
You may also want to construct your site so that secure pages cannot be accessed via insecure links (e.g., http://). RSH Web Services will help provide your website for files only accessible over SSL.
It is a common misconception that “.shtml” web pages are “Secure HTML”. This is not true. The “S” stands for Server-Parsed and is related to Server-Side Includes web pages. This has no bearing on security or encryption and does not mean that the page is secure.
Web pages are only secure if the URL in the address bar starts with HTTPS:// and the lock icon in your browser is closed or locked. Make sure the lock icon does not have a warning sign or X on it and that the address bar is not red. These can indicate that there is either some problem with your SSL certificate (Expired?) or maybe there are items, images, or JavaScript in your web page that are being loaded without SSL. Contact your hosting company or web developer if you have questions about such issues.
Tweet Share Pin Email
