SSL Certificates – Secure Server Certificates

What is SSL?

SSL certificates are generally used with ecommerce shopping carts, or anywhere you want to collect information from a user securely on your website. If you use a secure server certificate with a form; and that form emails the results to you; keep in mind that the email is not secure.

SSL (Secure Sockets Layer): Creates an encrypted link between a web server and a browser.
CA (Certificate Authority): The vendor you will get the secure server certificate from
CSR (Certificate Signing Request): A text file generated by a web server. A CSR looks like this:

—–BEGIN NEW CERTIFICATE REQUEST—–

MIIDGgBNAGkAYwByAG8AcwBvAGYAdAAgAFIAUwBBACAAUwB

AG4AZQBsACAAQwByAHkAcAB0AG8AZwByAGEAcABoAGkAYwl

L0ygNwwNIvKLMPq4/LcUkZ9Oo4AssXW5mvvhHWGz2RWYRhrw8o

—–END NEW CERTIFICATE REQUEST—–

First, you need to decide whether to use your hosting shared SSL certificate if they offer it. The URL to your store will look something like:

[https://theirserver.com/youruserid/your/path/to/store.html]

Or do you want to get your own SSL certificate? The URL will look like:

[https://yourdomainname.com]

If you decide to use your hosts’ shared lam bang cap 3 secure server certificate, then all you need to do is find out the path you need to use to call your files securely, and you will be on your way.

If you decide to get your own SSL certificate, this is generally what happens.

You first need to decide who you are going to get your SSL certificate from. It is a good idea to make sure your host supports your particular vendor. Some certificate authority vendors are:

  • Thawte
  • Verisign
  • Comodo
  • You can also review several vendors at a glance at WhichSSL

Before getting your own SSL certificate, you will need to do some reading on what your chosen Certificate Authority requires for a secure certificate, and you’ll also need to come up with some documentation. There are several steps to buying a secure server certificate, once you have decided on a vendor.

This is an overview, not written in stone. Each CA is different, so make sure you read their documentation and what they require. Here is an idea of what they want:

All documentation that is requested must match *exactly*. Secure certificate authorities will verify that your organization actually exists, so they know they are issuing to the correct company. You will need to prove that the Organization Name and the Domain name are in fact yours to use.

Steps you’ll be taking:

  • Gather required documentation
  • Have your host generate a CSR
  • Complete certificate authority online application
  • Certificate authority will process your request
  • Pickup and install your SSL certificate (usually an URL is emailed to you to download the secure server certificate)
  • Depending on the vendor, it can take a few hours to a few days.
  • Send secure certificate to host for installation. (Send in plain text)

Once your web hosting provider receives this information; they will generate the CSR and send it back to you in plain text. You then send it on to Verisign or Thawte, or whoever you have chosen as your secure certificate authority. They will then generate a SSL certificate for you which you will send back to your host for installation. Your web host may charge a fee for installation in addition to what your SSL certificate vendor charges.

Leave a Reply

Your email address will not be published. Required fields are marked *