Categories
Articles Hosting Technology Web Security

Understanding HTTPS, Types of SSL Certificates and Installing a SSL certificate for Microsoft Exchange 2007

With security risks becoming increasingly rife in the Internet, SSL has become a vital entity to ensure the protection of the organizations. SSL, basically, is a security protocol designed to ensure the authenticity of a website’s integrity and the website’s content.

Now, what SSL does is that it encrypts the data being transmitted between the source and destination, of course, after a secure connection is established between them. Websites involving money transactions and membership procedures, secured with SSL, are protected from cyber crimes very effectively and smoothly.

Ok, SSL protects your websites. So far, so good. But how do visitors or customers of a particular website confirm that it is secured and its safe for them to share their data here?

After having a SSL installed on your website, your URL changes from HTTP to HTTPS. This ‘HTTPS’ in the URL confirms the presence of the SSL security. HTTPS helps you keep hackers away from your website by covering up users’ confidential data from the rest of the world. The video below will help you get better hold of the idea:

Over the years, SSL has undergone many changes like: previously SSL was able to provide just 40 bit of encryption which has now been extended to 256-bit level along with 2048 bit level encryption future proof certificates.

Now there are various types of SSL certificates available. Before going deep down into types of SSL certificates and their uses I would like to tell you that SSL certificates are issued and signed by a trusted third party called Certificate Authority (CA).

Categories of SSL Certificates:

  • Free SSL: Many web hosting companies provide free SSL. If the data on your website is not of utmost importance, you can think of getting this kind of SSL. Else, its a total no-no.
  • Shared SSL: Websites having this kind of SSL act as sub domains of the main web hosting provider and hence share the SSL certificates. What it means is that the shared SSL will not display your domain name but instead your web hosting provider’s.You can use shared SSL certificate in situations where you need secure connection to a server that is not typically seen by the general public. For example, when logging into the administration area of your website.If you own an e-commerce website, a shared SSL is a strict no-no because visitors expect to see your domain in the URL, which as already explained, shared SSL does not display. And if you attempt to use your domain name with the shared certificate, your website may or may not work. Even if it does, the visitors will see the shared SSL warnings (please see the figure below) which will most likely put them off, and they won’t share their credit card or any other confidential with you.
  • Dedicated SSL: Dedicated SSL, for dedicated hosting plans allow customers to choose their domain names. This type of SSL certificates, though costly, are the best ones when it comes to the fulfillment of fully fledged security needs.Ideal for situations when the general public needs to access your website, Dedicated SSLs are the best option for protecting credit card information for e-commerce websites, since customers see your domain name in the URL instead of web hosting provider’s, making them feel comfortable while their data.
A likely occurrence if you use a Free SSL Certificate


Types of SSL Certificates:

Along with the above categories, SSL certificates depending upon the needs can be differentiated into following types:

  • Domain Validation or DV SSL: These types of SSL certificates secure the domain validity of a particular website. Here, the contact info of the website is detailed in the WHOIS database of the website’s domain.
  • Organization Validation or OV SSL: OV SSL, as the name suggests, ensures the authenticity of the website’s business organization along with its physical know how and other web addresses.
  • Extended Validation or EV SSL: Most complex and trusted security validation, EV SSL provides the enhanced authenticity to a particular website/organization. EV SSL shows its uniqueness by changing the color of the website’s address bar in to green.
Different types of SSL Certificate validation


Installing a SSL certificate for Microsoft Exchange 2007:

As far as the installation of SSL certificates is concerned, Microsoft Exchange is the foremost difficult one to be tackled with. Difficult because it demands a great level of case sensitivity as it demands each and every element of information to be entered exactly as it is.

First of all, drag the Microsoft Exchange 2007 program and create a request for the Exchange 2007 certificate, using the Certificate Request Generating tool online. After this, import the Microsoft Exchange 2007 certificate by actually downloading the certificate.cer and copy the certificate’s thumbprint.

After the completion of the above steps, you just need to enable it via a command:

Enable-Exchange Certificate-Thumbprint <thumbprint>-Services “SMTP”, “IIS”

This will enable OW, auto discover and SMTP security. If you want to modify/change the commands for the POP, IMAP, UM or IIS, you can do that. Also make sure that you always check for the SSL certificates updates to avoid the SSL disturbances and expiry dates.

Categories
Articles Legal News Technology Web Security Web Security

Frequently Asked Questions about EV SSL Certificates answered by RapidSSLonline

RapidSSLonline, an SSL security specialist, addresses some valuable questions and answers, which according to them are most frequently asked on the web.

What is an EV SSL Certificate Security?
EV SSL or Extended Validation SSL certificate is one of the most toughest and trusted SSL certificates, which is especially produced to protect wide level e-Business web servers and their users’ information, while it is being transferred between web browsers and servers.

What type of validation does an EV SSL certificate contain?
An EV SSL certificate issued  to any web organization contains complete Domain and Business Authentication details.

What are some major advantages Extended Validation SSL certificate has when compared to a Standard SSL?
One of the greatest advantages of obtaining an EV SSL certificate is getting the green address bar status, which immediately alerts consumers that the site they are visiting offers the highest level of security.

Extended validation certificates offer online businesses the highest level of encryption, generally between 128-256 bit encryption. This ensures that all data transmissions are encrypted to the maximum, with virtually no chance of sensitive information falling into the hands of a third party.

What is a Legal Opinion Letter of EV Certificate?
It is a professional opinion letter from Certified or Licensed Attorney for Extended Validation SSL certificate issuance. All major Certificate Authorities such as Symantec, GeoTrust, and Thawte require Legal Opinion Letter before EV issuance to any organization.

What encryption level does EV SSL contain?
EV has the toughest protection encryption such as 256 bit with 2048 bit CSR key generation.

How much time is needed for issuance of an EV SSL certificate?
It needs 10 to 15 business days for issuance of an EV SSL certificate.

What all web browsers are compatible with an Extended Validation SSL Certificate?
Here is the list of web browsers, which are the most compatible to EV cert.

  • Firefox 1+, 2+, 3+
  • IE 5+, 6+, 7+, 8+
  • Netscape 4+
  • Opera 7+
  • AOL 5+
  • Safari

How much warranty amount does an  EV SSL certificate contain?
An EV SSL certificate contains  a minimum of $500,000 and maximum of $1,500,000 warranty.

Does EV security support mobile devices?
Yes it does! Secure site pro with EV security from Symantec supports mobile devices, which is also the toughest security solution on the web.

What is the difference between EV SSL and WildCard SSL?
EV SSL certificate is a complete domain authentication which protects single qualified domain only on a single server and IP, whereas  WildCard SSL is domain authenticated security, which protects sub domains and as well as main domains on single server and IP.

Categories
Articles Domain Legal News Web Security Web Security Website Development

What is a Multi Domain EV SSL Certificate?

Maintaining a  high level of online trust and security in compliance with industry-wide security regulations can be a daunting task for organizations  as it requires timely updates to the IT security infrastructure which are sometimes very expensive. To keep a sense of trust and security intact in the minds of website visitors and at the same time keeping expenditure within manageable limits is thus a very herculian task. This is where a  Multi Domain EV SSL security certificate comes in.

 Multi Domain EV SSL security certificateis a ‘best of both worlds’ product in a way that it provides stringent and tough authentication at par with  industry standard EV SSL (Extended Validation) certificate, and has the ability to package multiple domains , thereby effectively cutting down the costs for the buyer. For example, a single EV SSL MDC can secure- domainA.com, domainB.com, secure.domainA.com, login.domainB.com and anydomainunderthesky.any-tld. The most important thing to note here is that a EV Multi Domain SSL certificate covering all these five domains will cost significantly lesser than the cost for five separate security certificates for the same five domains.

A  Multi Domain EV SSL certificate also saves a lot of time as even though it requires each domain to  go through the domain authentication process separately, the identity of the website owner has to be authenticated only once. This makes it the perfect security solution for small and medium scale business  looking to secure their online transactions.

How do I choose the best  Multi Domain EV SSL certificate for me?
Like every other security solution, the selection of a  Multi Domain EV SSL certificate best suitable for you also depends on a number of factors, such as  price, the number of domains needed initially and flexibility in adding new ones during the time period covered by the certificate. For example, you plan to secure only 5 domains now under the Multiple Domain EV SSL, but anticipate a healthy growth of your business in future and hope to secure 10 domains in an year or so, then you must go for a provider who is flexible in adding new domains under a single certificate and has sales representatives/support available for live chat 24*7. You must also do a proper research on the provider and look for online reviews of their products online.

A detailed article to choose the best SSL provider is here, but these are  some vital features one must surely check while buying a Multi Domain EV SSL security certificate:

  • Security Level: Complete Business or Organization Validation.
  • Encryption Level: The Toughest 256 Bit SSL Encryption.
  • Serve License: Unlimited Server Licenses. (Without Any Extra Charges)
  • Issuance Speed: Within 1 to 10 working days.
  • Compatibility: 99.99% the latest web browsers and mobile device compatibility.
  • Assortment: SAN / Multi-Domain / UCC option obtainable.
  • Additional Plus: Order www.domain.com & additional plus secure.domain.com.

The multiple domain packages offered by SSL security certificate authorities differ considerably. For Example, GeoTrust offers five additional multiple domains with its starting package and provides an option to  add additional domains in increments of five, up to a total of 25. This is completely different from Comodo, while offers only three additional multiple domains with its starting package but gives an option to  add up to 100 total domains, one at a time. Every Multi Domain EV SSL certificate package thus has it’s own pluses and minuses depending on their price, difficulty of installation etc., the key lies in choosing one which best suits your needs.

Categories
Infographics News Web Security

Why EV SSL Certificates are the Way to Go When Needing an SSL Solution

Are you managing an online web store? Consumers are now shopping online more than ever, learn how consumers decide who to trust before entering their credit card details.

Categories
Articles Legal News Web Security Web Security

Green Address Bar SSL- A Secret of Online Success

While SSL certificates are the current gold standard for online businesses and e-commerce websites, many people remain unaware that there are a number of different types of these certificates. In fact, there are a few different SSL certificates available to these online business sites, with the extended validation (EV) SSL certificate providing the highest level of online security.

Green Address Bar SSL- A Secret of Online Success

The security capabilities of a SSL certificate are directly related to the level of encryption used. Extended validation certificates offer online businesses the highest level of encryption, generally between 128-256 bit encryption. This ensures that all data transmissions are encrypted to the maximum, with virtually no chance of sensitive information falling into the hands of a third party.

One of the greatest advantages of obtaining an EV SSL certificate is getting the green address bar status, which immediately alerts consumers that the site they are visiting offers the highest level of security. The video below will help you get a better hold of the idea:

The main advantage of an EV SSL Certificate is “Trust & highest assurance” to your customers as an SSL certificate authority conducts strong business validation for issuing EV SSL Certificates. EV certificates offer the highest data encryption and browser compatibility. They supply complete business information of the entity along with business name, locality, contact info and the validating certificate authority name. This increases a potential customer’s confidence and makes it more likely that they do business on that particular site. It also increases conversions online. Below are the images showing that how your website address bar will become different in all major browsers if your website carries an EV SSL Certificate.

The EV SSL certificate not only actively combats phishing attacks, but also increases consumer trust, reduces shopping cart abandonment and helps build a business’s long-term revenue. While all SSL certificates provide encryption, the EV SSL certificate provides the ultimate online security and significantly boosts consumer confidence. The green address bar is the ultimate internet standard for online businesses, book bloggers in India, and e-commerce sites.

About Author:
James Labonte, is a Retail Director at The SSL Store™.The SSL Store™ is an one of the largest SSL Certificate Providers in the World & authorized platinum partner of Symantec. You can reach James on Google+, Twitter and Facebook.