General SSL FAQs

 

What is SSL?

SSL, which stands for Secure Sockets Layer, is a cyber-security protocol that digitally encrypts information sent from a browser to a server. SSL certificates are used to protect sensitive information like credit card numbers, usernames, passwords, email addresses, and more. A website with an SSL certificate is identified using a number of trust indicators, like “https” and the padlock icon in the browser bar, a site seal from a reputable Certificate Authority (CA), and a green bar that wraps around the URL on more premium certificates.

 

What is a Domain Validated (DV) SSL Certificate?

A Domain Validated (DV) SSL certificate is a quick and easy way to secure a domain, as the Certificate Authority (CA) issuing the certificate only requires verification that the recipient actually owns the domain they wish to cover. This verification process can typically be completed in a matter of minutes. However, these certificates offer little in the way of SSL recognition, so they are recommended for websites where visitor trust is not of high importance and information like usernames, passwords, or credit card information is not required.

 

What is the difference between 128- and 256-bit security?

That is the difference between the key lengths used once an SSL connection has been established in the browser. 256-bit security is indeed a bigger key however that does not necessarily mean it is more secure. Experts and research agrees that 128-bit is equally secure for the foreseeable future. The only reason 256-bit security is needed is if it’s specifically required by your industry or company policy. All our certificates have the ability to use either bit-length, which one you use is a matter of server configuration, NOT certificate support.

 

How can I use 256-bit encryption?

256-bit encryption is a server configuration. This has nothing to do with the certificate itself, it is based on your server configuration. To learn this, you should seek information provided by your webhosting platform or operating system. They will inform you how to set this encryption strength up.

 

What is the difference between 1024- and 2048-bit key lengths?

These key lengths refer to the strength of the private key. You can think of it as the size of the cypher being used to encode your messages. Obviously, 2048-bit private keys are exponentially more secure than 1024-bit ones and are the new standard across the industry and are required during the generation process.

 

What is the difference between SHA-1 and SHA-2?

SHA stands for Signature Hashing Algorithm. It’s a mathematical hash that proves the authenticity of the certificate. SHA-1 is an older version of the algorithm that is no longer seen as secure by industry experts and major browsers and is not allowed to be used during the generation process any longer by the industry. SHA-2 is the latest version that is widely accepted and viewed as secure by all major browsers and industry experts. The hashing algorithm of your CSR has no relevance to what hashing algorithm is used on the certificate.

 

What is a Certificate Authority and what is your relationship to them?

A Certificate Authority (CA) is the company that actually issues the SSL certificates. Symantec, Thawte, GeoTrust, RapidSSL, Certum, and Comodo are all CAs, for example. We are a reseller of these CAs, meaning that we are able to offer the exact same certificate that you would get from buying direct, but at much lower prices. Since we buy in bulk, we are able to offer them at the significant discounts that you see.

 

Which SSL brands are most trusted & secure?

All of the Certificate Authorities (CAs) that we carry are leaders in the industry and trusted across the world. Symantec is the largest CA in the world, and their Norton Trust Seal is the most recognized symbol of trust across the web. Their name definitely adds the most value of any CA in the industry. Additionally, GeoTrust, Thawte, RapidSSL, Certum, and Comodo are all trusted and secure CAs.

 

Can I see which Certification Authorities have their own Trusted CA root present in browsers?

Yes, the brands that we provide all have their roots included in modern devices and browsers. They all feature 99% or better compatibility, or browser ubiquity.

 

What is the SSL certificate warranty?

An SSL certificate warranty, also known as relying-party warranty, covers any damages that your website visitor /user may incur as a result of a data breach or hack that was caused due to a flaw in the certificate. The warranties range in value, which means that the higher value certificates come with more extensive warranties offered to boost the confidence of your user to do business with you online. more details

 

What is browser ubiquity or browser recognition?

Browser ubiquity or browser recognition basically means how many browsers recognize an SSL certificate and properly display the trust indicators. So, the higher the browser ubiquity of an SSL certificate, the more browsers that recognize and accept it.

 

How do you define Mobile support?

If your website or online store attracts a lot of visitors from mobile operating systems such as Android, Windows Mobile, Blackberry, Symbian OS, Palm OS or iOS(iPhone, iPad), we would advise you to select an SSL certificate with Mobile Support. This is especially true for mobile devices with older browsers or operating systems. While regular web browsers accept both root and intermediate certificates, many mobile browsers will only accept root certificates and will give SSL errors if they encounter an intermediate certificate.

Mobile web browsers & operating systems covered under Mobile support are as follows:

Mobile Web Browsers

  • ACCESS NetFront
  • Atomic
  • Dolphin HD
  • Fennec Alpha
  • Internet Explorer (All Windows devices)
  • Opera Mini
  • Opera Mobile
  • Openwave
  • Chrome for Mobile
  • Firefox Mobile
  • RIM BlackBerry
  • Safari (iPhone, iPad, and iPod Touch)
  • SkyFire
  • Sony PlayStation Portable
  • xScope

Mobile operating systems

  • Android
  • BlackBerry OS
  • Brew
  • iOS
  • Meego
  • Palm OS
  • Palm WebOS
  • Windows CE
  • Windows Mobile
  • Windows Phone 7/8
  • Maemo
  • Symbian
  • Sailfish OS

 

How long are your SSL certificates valid for?

Our SSL certificates can be valid from anywhere to 1-3 years, depending on the certificate you choose to purchase.

 

Can I use SSL to cover an internal domain?

You can use SSL to cover an internal domain if it is an officially registered domain (a publically available FQDN). If the internal domain is not a delegated and registered domain, the certificate will not be issued.

 

What is an Intermediate certificate?

An intermediate certificate is a file that helps the web browser identify who issued your SSL certificate. It is not required, but it is HIGHLY recommended that you install it along with your server SSL certificate in order to have full compatibility with all desktop & mobile browsers and mobile devices.

 

Where do I get my Intermediate certificate?

An intermediate certificate will be emailed to you along with your SSL certificate. You can also download the intermediate certificate from the vendor’s website, which is something that can be done if you didn’t receive the intermediate via email. This is also sometimes referred to as the “CA Bundle.” It is also important to note that some certificates have multiple intermediate certificates.

 

What if I can only use one certificate file?

If your hosting platform or company tells you that you can only use one certificate file, then you can combine your server certificate text with the intermediate file text.