Categories
News Technology

GlobalSign Releases Findings of GlobalSign SSL Configuration Checker Evaluation for Q1 of 2013

GlobalSign today released findings of its first Quarterly SSL Configuration Evaluation to show how effectively global organizations are implementing SSL to protect their websites.

The evaluation was based on website URLs of organizations that used the GlobalSign SSL Configuration Checker to assess the strength and quality of their SSL configurations. According to the official PR by GlobalSign, Q1 of 2013 saw over 6,000 sites using the tool to evaluate the effectiveness of their SSL, out of which 269 sites used the remediation guidance provided by GlobalSign to improve and strengthen the security of their sites.

GlobalSign’s SSL Configuration Checker is a tool that offers an overall grade of a website’s SSL configuration, its effectiveness, remediation steps and certificate details.

Organizations who wish to test their SSL’s effectiveness can enter their website addresses and instantly receive a letter grade for their configuration.

Powered by Qualys SSL Labs, the tool evaluates strength and quality of SSL certificates based on a grading system that has three steps:

  1. The site’s SSL certificate is examined to confirm that it is trusted and valid. If a server fails this step it is automatically given a zero.
  2. The server configuration is tested in three categories: 1) protocol support, 2) key exchange support and 3) cipher support.
  3. Finally, a score between 0 and 100 is assigned to the site. The grading scale is as follows:


  • score >= 80 A
  • score >= 65 B
  • score >= 50 C
  • score >= 35 D
  • score >= 20 E
  • score < 20 F

“50 percent of 269 websites that used the GlobalSign SSL Configuration Checker strengthened the effectiveness of their SSL configuration grades in 30 minutes or less. Fifteen percent improved from a B, C, D or F to an A grade in less than two hours,” says GlobalSign.

Out of the 269 websites that used the remediation guidance provided by GlobalSign to improve and strengthen the security of their sites, 172 organizations improved their grade to an A overall, 113 organizations improved their F grade to an A, B or C and 95 organizations improved their B grade to an A.

“The improvement in website security is certainly encouraging for us to see, but this is the absolute tip of a very big, fast-moving and dangerous iceberg,” said Ryan Hurst, CTO, GlobalSign.

“Administrators can use the SSL Configuration Checker to greatly improve and remediate the security of poorly configured sites, but it is the awareness of this free and easy tool that we are trying to drive. Both small and large organizations with websites must adopt best practices, but first they have to identify the strengths and weaknesses of their sites’ SSL configuration.”

GlobalSign also evaluated the SSL effectiveness of the Alexa Top 100 websites; 51% of which received an A, 25% a B and 5% scored a C.

For more information on the GlobalSign SSL Configuration Checker, click here.

Categories
Articles Domain Hosting Technology Web Security

Learning How to install a Wildcard SSL certificate in WHM and Common Compatibility Errors

The last decade has seen phenomenal growth in the usage of the Internet. Accepted around the globe with open arms, the Internet has now become a part of everyone’s daily life. Everybody is now online, and in more ways than one would’ve imagined. People use the Internet for checking news, keeping tabs on their favorite sports, listening to music, watching movies, professional conversations, interacting with new people, online shopping etc.

Online shopping is easy, ubiquitous, provides a broad range of options to choose from, and most importantly saves time. Businesses now realize the importance of being online, and most of them have websites showcasing and selling their products. But it isn’t that easy to turn a visitor on your website into a customer.

Netizens today are smart and well aware of the security threats online that can jeopardize their confidential data. They need assurance that you are genuine, that your website is genuine and, most importantly, that you have a proper security system in place to ensure the safety of their confidential information like credit card details, personal details, transaction info, etc.

A majority of online businesses hence use SSL certificates to reflect their reliability. SSL certificates not only secure the online transactions but are also visible proof that the particular website that showcases them is genuine, secure and reliable. But SSLs can be expensive at times.

Say your website has multiple sub-domains, such as yourwebsite.com, blog.yourwebsite.com, login.yourwebsite.com etc. A conventional SSL certificate will only secure one of these domains; to secure others, you’ll have to buy multiple SSLs, which will be capital intensive. If a potential customer visits blog.yourwebsite.com instead of yourwebsite.com and his browser warns him that this page is probably not secure, he might back off.

This is where WildCard SSLs come into the picture. A single WildCard SSL can protect multiple sub-domains on a single server and IP address, thus providing you both convenience (as you don’t need to administer several separate SSL Certificates for each sub-domain) and affordability.

WildCard SSL Certificates provide the same stringent level of security, as they use the same encryption and decryption technology as other conventional certificates. To secure multiple domains with a WildCard SSL, all you need to do at the time of installation is add an asterisk (*) in the subdomain area of the common name that you want to be protected. For instance, if you configure *.yourwebsite.com, you can secure www.yourwebsite.com, photos.yourwebsite.com, blog.yourwebsite.com, payment.yourwebsite.com and so on. The * hence represents the wildcard part of the SSL certificate; it can be any sub domain that you want to secure with the same base domain.
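Which hostnames a name such as *.yourwebsite.com covers is decided by the client's matching rule. The following is an added example, not code from the original post: it applies the rule in RFC 6125 section 6.4.3 as browsers implement it (the asterisk is the whole left-most label and stands for exactly one label), so the bare domain and deeper sub-domains are covered only if the certificate lists them as separate names. The host inventory is constructed from the post's placeholder domain.

```python
"""Added example: which hostnames a wildcard certificate name actually covers."""


def _labels(name):
    # DNS names are case-insensitive; a trailing root dot is ignored.
    return name.lower().rstrip(".").split(".")


def wildcard_covers(pattern, hostname):
    """Return True if the certificate name `pattern` matches `hostname`.

    Strict rule used by browsers: "*" must be the entire left-most label,
    it matches exactly one label, and "*.com"-style names are refused.
    Internationalised names are out of scope for this sketch.
    """
    p, h = _labels(pattern), _labels(hostname)
    if "" in p or "" in h:
        return False                      # empty label, e.g. "a..b"
    if "*" not in pattern:
        return p == h                     # ordinary exact match
    if p[0] != "*" or any("*" in label for label in p[1:]):
        return False                      # "w*.x.com" or "a.*.com"
    if len(p) < 3:
        return False                      # "*.com" is too broad
    if len(h) != len(p):
        return False                      # the star is one label, not zero or two
    return h[1:] == p[1:]


def coverage_report(cert_names, hostnames):
    """Map each hostname to the certificate name that covers it, or None."""
    return {
        host: next((n for n in cert_names if wildcard_covers(n, host)), None)
        for host in hostnames
    }


def uncovered(cert_names, hostnames):
    """Hostnames that would trigger a name-mismatch warning."""
    report = coverage_report(cert_names, hostnames)
    return sorted(host for host, name in report.items() if name is None)


# Constructed inventory based on the post's placeholder domain.
HOSTS = [
    "www.yourwebsite.com",
    "blog.yourwebsite.com",
    "payment.yourwebsite.com",
    "yourwebsite.com",              # bare domain: zero labels under the base
    "api.eu.yourwebsite.com",       # two labels under the base
    "yourwebsite.com.example.net",  # look-alike under another domain
]

if __name__ == "__main__":
    for names in (["*.yourwebsite.com"],
                  ["*.yourwebsite.com", "yourwebsite.com"]):
        print(names, "leaves uncovered:", uncovered(names, HOSTS))
```

Running the report over a real host inventory before ordering shows which names need to be listed in the certificate in addition to the wildcard.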

For a detailed idea of how WildCard SSLs work, please refer to my previous post.

How to Install a Wildcard SSL certificate in WHM

  • Login to your Web Host Manager (WHM) control panel.
  • Go to the left menu and click on ‘Install a SSL Certificate and Setup the Domain’.
  • Now copy and paste the contents of your WildCard SSL Certificate (yourwebsite.crt) into the first text area. Access the text version of your certificate by opening it with a text editor. Remember to include the BEGIN and END tags while copying and pasting the certificate.

  • Let the rest of the text areas fill in automatically.
  • Double check that the SSL key and CA bundle are accurate.
  • Now change the WildCard domain name to match the actual account domain name.
  • Ensure that the username and IP address match the actual account involved.
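A truncated paste (a missing BEGIN or END line) or a key pasted into the certificate box is the usual way these steps go wrong. The following is an added example, not part of the original post or of WHM: a structural check of PEM text to run before pasting. The function names are hypothetical and the sample bodies are constructed (a tiny DER SEQUENCE, not a real certificate).

```python
"""Added example: structural check of PEM text before it is pasted into a form."""
import base64
import re

_MARKER = re.compile(r"^-----(BEGIN|END) ([A-Z0-9 ]+)-----$")


def _decode(body_lines):
    """Base64-decode a PEM body; None unless it decodes to a DER SEQUENCE (0x30)."""
    try:
        der = base64.b64decode("".join(body_lines), validate=True)
    except ValueError:
        return None
    return der if der[:1] == b"\x30" else None


def pem_blocks(text):
    """Parse PEM text. Returns (blocks, problems); blocks holds (label, der_bytes)."""
    blocks, problems = [], []
    label, body, stray_reported = None, [], False
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        marker = _MARKER.match(line)
        if marker is None:
            if label is not None:
                body.append(line)          # base64 line inside a block
            elif not stray_reported:       # report stray text only once
                problems.append(f"line {lineno}: text outside BEGIN/END markers")
                stray_reported = True
            continue
        kind, name = marker.groups()
        if kind == "BEGIN":
            if label is not None:
                problems.append(f"line {lineno}: BEGIN {name} before END {label}")
            label, body = name, []
        elif label is None:
            problems.append(f"line {lineno}: END {name} without a BEGIN line")
        else:
            if name != label:
                problems.append(f"line {lineno}: END {name} closes BEGIN {label}")
            else:
                der = _decode(body)
                if der is None:
                    problems.append(f"line {lineno}: {label} body is not base64 DER")
                else:
                    blocks.append((label, der))
            label = None
    if label is not None:
        problems.append(f"BEGIN {label} has no END line")
    return blocks, problems


def check_field(text, expected_label, max_blocks=1):
    """Problems with `text` as the content of one form field (empty list = OK)."""
    blocks, problems = pem_blocks(text)
    for label, _ in blocks:
        if label != expected_label:
            problems.append(f"found {label}, expected {expected_label}")
    if not blocks and not problems:
        problems.append("no PEM block found")
    if len(blocks) > max_blocks:
        problems.append(f"{len(blocks)} blocks, expected at most {max_blocks}")
    return problems


# Constructed samples. The body is a tiny DER SEQUENCE, not a real certificate.
GOOD = "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n-----END CERTIFICATE-----\n"
NO_BEGIN = "MAMCAQE=\n-----END CERTIFICATE-----\n"
NO_END = "-----BEGIN CERTIFICATE-----\nMAMCAQE=\n"
KEY_IN_CERT_BOX = "-----BEGIN PRIVATE KEY-----\nMAMCAQE=\n-----END PRIVATE KEY-----\n"
BUNDLE = GOOD + GOOD  # a CA bundle normally holds more than one certificate

if __name__ == "__main__":
    for name in ("GOOD", "NO_BEGIN", "NO_END", "KEY_IN_CERT_BOX"):
        print(name, check_field(globals()[name], "CERTIFICATE"))
    print("BUNDLE", check_field(BUNDLE, "CERTIFICATE", max_blocks=5))
```

This checks framing only; it does not confirm that the private key belongs to the certificate or that the CA bundle chains to it.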

Common Compatibility Errors with WildCard SSL Certificates
While most platforms and devices are thoroughly compatible with WildCard SSLs, there are some which might have issues. For example, if a certificate isn’t trusted by a customer’s mobile browser, he/she may face compatibility issues on his/her mobile device. This particular error is rife with old Windows Mobile 5 devices.

In addition, Microsoft Office Communication Server, Microsoft Lync Server and Oracle Wallet Manager do not accept wildcards. Likewise, there are some outdated and ‘Basic’ versions of browsers that don’t support a “Certificate Request”, thus making the certificate look invalid due to lack of verification.

The only way to prevent such unfortunate errors is to purchase a WildCard SSL from a trusted provider of WildCard SSL Certificates that issues a certificate which most users’ browsers can rely on.

Wrapping things up!
As already mentioned, WildCard SSL is a great product which gets rid of individualized costs and provides easier web security administration in a cost-effective manner. However, they too have their own share of limitations, one of them being the compatibility issue mentioned above. IT Professionals and Web Security Experts should hence carefully gauge which domains and sub-domains they want to protect and the effectiveness of the WildCard SSL Certificate in protecting them to reap the benefits properly.

Categories
Articles Cloud Domain News Technology Web Security

A list of Frequently Asked Questions about WildCard SSL Certificates answered by RapidSSLonline

A WildCard SSL certificate has many advantages over a conventional SSL certificate, the most important one being its ability to secure not only your website URL, but also an unlimited number of its subdomains. Needless to say, a product with such benefits does attract the interest of a large pool of customers.

At RapidSSLOnline, a Certificate Authority of a wide range of brands such as VeriSign (Now Symantec), GeoTrust, Thawte, and RapidSSL, we come across a lot of such customers on a daily basis, who are curious about this product, and have a variety of questions to ask before making a decision to buy it. And hence this post.

A follow-up to my last article, which provided a brief overview of WildCard SSLs, this one aims to address the most frequently asked questions on the web about the same and to clear the air about WildCard SSL security and how it works to protect small and wide level e-Commerce business over the web.

What is a WildCard SSL Certificate?
WildCard SSL Certificate holds the same encryption and decryption technology, which protects user’s confidential information while transferring it on the web, and additionally, it protects multiple sub domains on a single server and IP address. Every Wildcard begins with an asterisk * or “star”. The star represents the wildcard part of the SSL certificate. The star can be any sub domain that shares the same base domain.

Which level of businesses need WildCard SSL security?
It is a highly recommended SSL security solution to medium and wide level e-Commerce websites.

What strength of encryption does WildCard Certificate hold?
It holds the advanced 256 bit encryption strength for single and multiple sub domains protection.

What level of security is included in WildCard Security SSL?
It protects a Fully Qualified Domain Name (FQDN) and Sub Domains on a Single Server and IP address.

Which brand’s WildCard SSL security holds an unlimited server license?
RapidSSL and GeoTrust. These are two major brands whose WildCard SSL certificate security holds an unlimited server license.

What is the issuance time of WildCard SSL security certificate?
It can be issued within a few minutes for a single Domain Name.

What all web browsers are compatible with a WildCard SSL certificate?
Here is a list of web browsers most compatible with WildCard Cert.

  • IE 5+, 6+, 7+, 8+
  • Firefox 1+, 2+, 3+
  • Netscape 4+
  • Opera 7+
  • AOL 5+
  • Safari

What validation method does WildCard Certificate hold?
It holds a complete domain validation.

Does it include trust mark or site seal feature?
Yes! It includes the trust mark or site seal feature, which is essential to gain trust and confidence of the users.

How does one generate WildCard SSL Certificate CSR for any web server?
It is the same process as for any other Domain Validated SSL certificate CSR. However, during the WildCard SSL generation, the common name should be *.yourdomain.com. To get a better idea about WildCard SSL Certificate CSR generation, click here.

Is WildCard SSL security android validated?
Yes, it is an Android Validated SSL security.

What is the difference between EV SSL and WildCard SSL?
An EV SSL certificate is a complete domain authentication which protects a single qualified domain only on a single server and IP, whereas WildCard SSL is domain authenticated security, which protects sub domains as well as main domains on a single server and IP.

To see a list of Frequently Asked Questions about EV SSL Certificates, please click here.

Categories
Articles Domain Technology Web Security

Understanding Types of SSL Certificates, Their Validation Process and Points to Consider Before Buying Them

When someone purchases anything over the internet and pays through online banking or via other payment options like PayPal, 2checkout, etc., his/her personal information is transmitted, which if not encrypted, is at particularly high risk. The SSL (Secure Sockets Layer) protocol secures the transmission of information between a domain name and the visitors. This means that the account information entered by an individual while shopping online should safely arrive on the server of the shop owner without any third party gaining unauthorized access to it.

Also, many of you would’ve noticed a sudden increase in the number of online attacks happening over the web recently. There are numerous types of attacks like phishing, spamming, eavesdropping etc. that can jeopardize your website, causing irreversible damage to your online reputation. SSL Certificates not only provide a security shield against such attacks, but also help create an aura of trust and a sense of security in your customers’ mind that you’re a credible organization validated by a proper certification authority and that it’s safe for them to share their data with you. The video below will help you get a detailed idea of how an SSL certificate works, and will likely solve most of your queries:

However, a blind trust in SSL Certificates can be dangerous. A website that displays an SSL certificate should be reliable and recognized by an authorized certificate authority.

Self-Signed SSL does not provide complete protection
There are many self-signed SSL encrypted websites out there that aren’t safe for secure transmission of your sensitive data. A Self-Signed Certificate is less trustworthy because it is signed by an individual and not by a trusted authority.

  • Such certificates have nothing to do with the identity of the person or organization that actually performed the signing procedure.
  • Self-Signed certificates aren’t trusted by other applications/operating systems. This may lead to authentication errors when a visitor lands on a website.
  • They use low hash and cipher technologies. Due to this, the security level implemented by self-signed certificates may not satisfy the current Security Policy etc.
A likely occurrence if you use a Self-Signed Certificate

So, when you buy an SSL certificate for your e-commerce business, always pay attention to two main points:

  • SSL certificates provider – When you decide to purchase an SSL certificate for your ecommerce business, you should check the reviews of the certificate provider and examine which company is serious about the security of your data. Also, check some other criteria like whether the IT processes within the company are ISO 27001 certified or not.
  • Choose right product – Always remember, expensive ≠ quality. There are various types of SSL certificates available in the competitive market, and not every one of them is right for you. So evaluate your business requirements properly and then come to a decision as to which certificate can fulfill them best. There are many SSL wizards out there that can help you with this.

Once you’ve bought an SSL Certificate from a reputed organization, take care of two things:

  • When your certificate is going to expire, your SSL provider will send you a notice for its renewal. You should not be careless about such warnings. Visitors tend to move away from websites having expired security certificates. While renewing your certificate, your email address or web address should be the same as you had while applying for the SSL certificate. Continuously ignoring such warnings can have a negative impact on your business in the long run.
  • Buying an SSL certificate is not enough. You must take proper steps to ensure proper implementation of the SSL protocol on your website. Have a look at the common errors people make while installing SSL Certificates on their website.

Differences in certificates validation:

There are different processes for examining the authenticity of a website owner’s identity; some authorities do verification via telephone, while some examine the documents of an organization. Without checking or examining the identity, a certificate cannot be issued. Different types of SSL certificates have different validation processes:

  • Domain validation certificates: For domain validation, the certification body only checks whether the applicant is the owner of the domain. A message is sent to the administrative e-mail address of a domain, and it must be acknowledged to confirm ownership. The risk of deception for these certificates is relatively high.
  • Organization Validation certificates: In these cases, additional corporate data, like name and full address of the organization etc. are thoroughly checked.

Wrapping Things Up
As I had mentioned in one of my previous articles, SSL is a powerful tool for protecting not only your user’s data, but also their confidence in you. It’s the first thing a user will look for when deciding whether or not to trust a site, but it doesn’t cover all the security issues. It’s just one aspect of a greater effort. SSL protects data during one specific period of time, but that time isn’t the only window of opportunity that an attacker has to strike. Proper installation must be done to ensure that when you employ SSL you don’t render it redundant by neglecting to examine your systems for weaknesses in other key areas. It should never be assumed that a system is secure. A system should be proven to be secure by pro-actively seeking out weaknesses and eliminating them.

Categories
Articles Legal News Technology Web Security

Frequently Asked Questions about EV SSL Certificates answered by RapidSSLonline

RapidSSLonline, an SSL security specialist, addresses some valuable questions and answers, which according to them are most frequently asked on the web.

What is an EV SSL Certificate Security?
EV SSL or Extended Validation SSL certificate is one of the toughest and most trusted SSL certificates, which is especially produced to protect wide level e-Business web servers and their users’ information, while it is being transferred between web browsers and servers.

What type of validation does an EV SSL certificate contain?
An EV SSL certificate issued to any web organization contains complete Domain and Business Authentication details.

What are some major advantages Extended Validation SSL certificate has when compared to a Standard SSL?
One of the greatest advantages of obtaining an EV SSL certificate is getting the green address bar status, which immediately alerts consumers that the site they are visiting offers the highest level of security.

Extended validation certificates offer online businesses the highest level of encryption, generally between 128-256 bit encryption. This ensures that all data transmissions are encrypted to the maximum, with virtually no chance of sensitive information falling into the hands of a third party.

What is a Legal Opinion Letter of EV Certificate?
It is a professional opinion letter from a Certified or Licensed Attorney for Extended Validation SSL certificate issuance. All major Certificate Authorities such as Symantec, GeoTrust, and Thawte require a Legal Opinion Letter before EV issuance to any organization.

What encryption level does EV SSL contain?
EV has the toughest protection encryption such as 256 bit with 2048 bit CSR key generation.

How much time is needed for issuance of an EV SSL certificate?
It needs 10 to 15 business days for issuance of an EV SSL certificate.

What all web browsers are compatible with an Extended Validation SSL Certificate?
Here is the list of web browsers which are the most compatible with an EV cert.

  • Firefox 1+, 2+, 3+
  • IE 5+, 6+, 7+, 8+
  • Netscape 4+
  • Opera 7+
  • AOL 5+
  • Safari

How much warranty amount does an EV SSL certificate contain?
An EV SSL certificate contains a minimum of $500,000 and maximum of $1,500,000 warranty.

Does EV security support mobile devices?
Yes it does! Secure site pro with EV security from Symantec supports mobile devices, which is also the toughest security solution on the web.

What is the difference between EV SSL and WildCard SSL?
An EV SSL certificate is a complete domain authentication which protects a single qualified domain only on a single server and IP, whereas WildCard SSL is domain authenticated security, which protects sub domains as well as main domains on a single server and IP.

Categories
Articles News Technology Web Security

How to Choose the Right and Best SSL Certificate Provider-10 Simple Tips

With the number of online scams and frauds multiplying day by day, the need for SSL certificates to validate the credibility of a website is on rise. And most of the eBusiness owners are well aware of this fact, taking proper steps to put forth their website as reliable and trustworthy by displaying trusted symbols of web security on their online eCommerce platforms.

However, there is a major problem when it comes to picking the right SSL certificates provider. Most people, when looking for an SSL certificate provider, put their first foot forward with Google, which is perfectly alright, but the problem arises when they search using terms like cheap, cheapest, less price, best price, discount, best deal and…you get the picture. And here is the thing: a quality SSL certificate with the strongest encryption technology to build trust, boost confidence and increase conversions does not come at the cheapest price.

Purchasing an SSL Certificate which is the cheapest among the lot will probably save you a few bucks, but it won’t bring with it a 24/7 technical support and admin management tools to manage all your web security needs in one place. Yes, price is a major factor and one must go for an SSL which best suits his budgetary constraints, but price is only one of the many factors, which are perhaps equally, if not more important in a larger scheme of things.

Here is a quick list of factors you need to consider before choosing an SSL Certificate Provider that best fits your needs:

Make sure that the SSL provider has a valid EV SSL Certificate themselves.
There are plenty of SSL resellers out there who’ll fulfil your security needs at a very cheap price, but a little background research will tell you that most of them are fly-by-night companies who cannot even get an Extended Validation (EV) SSL themselves after being authenticated and approved by a third party certificate authority. Go for a provider with a Green bar. It’s the most basic prerequisite.

Make sure that the SSL provider Has a Dedicated Phone Support.
When a major portion of your business is online it’s a certainty that at some point you will experience technical issues since web servers are a core part of doing business online. Choose an SSL provider you can call at 3 in the night and have your problems rectified.

Make sure that the SSL provider has a valid mailing address.
Again, when you’re doing business on the web, don’t select a provider who is working from a virtual office or out of their home. Make sure they have a valid mailing address.

Make sure that the SSL provider focuses only on SSL.
If a provider is adding SSL offerings to a multitude of products they already offer to munch on a little extra money, then it is not set up appropriately to manage the support needs of its SSL customers and choosing them is the worst decision you’ll ever make. Go for an SSL provider dedicated and focused solely on SSL certificates.

Make sure that the SSL provider offers multiple SSL brands.
A provider offering a single brand of SSL cannot offer unbiased suggestions for all your SSL security needs and will always recommend that single SSL brand regardless of whether it fits your needs or not. Go for a provider that offers you a wide portfolio of SSL brand options to choose from.

Make sure that the SSL provider offers true 24/7/365 live support.
Run a thorough check and make sure that the SSL provider you plan to go for provides 24/7 support via chat, phone and email accommodating all time zones.

Make sure that there is a reference letter available from the vendor for the SSL provider.
Always ask for reference letters and if possible visible confirmation of relationship between the Reseller and certificate authority. You know Barack Obama, but does he know you?

Make sure that the SSL Provider has an auto SSL Renewal system.
Not all, but many SSL providers lack a proper management program to handle client orders, communication preferences and billing systems, and don’t keep track of the expiry dates of their customers’ certificates, which results in sites losing their certificate when it expires, thereby coming across as unencrypted, untrusted and unsecure to the website visitors. Pick a provider who promises to remind you before your SSL certificate expires.

Make sure that the SSL provider offers a money back guarantee.
A litmus test to check the credibility of a provider. If a provider doesn’t offer at least a 30 day timeline to submit a cancellation request and get a full refund in case you aren’t satisfied with their services, that’s as big as a red flag gets.

Make sure that the SSL provider offers SSL tools to confirm SSL installation.
Go for a provider that provides SSL tools to authenticate SSL security features and to confirm whether the SSL has been installed on the web server or not.

In addition to the points listed above, always check the reputation of your provider online. Search for their reviews not only on their websites, but also on forums that’re well outside their control. No one is in a better position to comment on the quality of their services than people who’ve had first-hand experience of working with them.

Categories
Infographics News Web Security

Why EV SSL Certificates are the Way to Go When Needing an SSL Solution

Are you managing an online web store? Consumers are now shopping online more than ever. Learn how consumers decide who to trust before entering their credit card details.

Categories
Articles Legal News Web Security

Green Address Bar SSL- A Secret of Online Success

While SSL certificates are the current gold standard for online businesses and e-commerce websites, many people remain unaware that there are a number of different types of these certificates. In fact, there are a few different SSL certificates available to these online business sites, with the extended validation (EV) SSL certificate providing the highest level of online security.


The security capabilities of a SSL certificate are directly related to the level of encryption used. Extended validation certificates offer online businesses the highest level of encryption, generally between 128-256 bit encryption. This ensures that all data transmissions are encrypted to the maximum, with virtually no chance of sensitive information falling into the hands of a third party.

One of the greatest advantages of obtaining an EV SSL certificate is getting the green address bar status, which immediately alerts consumers that the site they are visiting offers the highest level of security. The video below will help you get a better hold of the idea:

The main advantage of an EV SSL Certificate is “Trust & highest assurance” to your customers, as an SSL certificate authority conducts strong business validation for issuing EV SSL Certificates. EV certificates offer the highest data encryption and browser compatibility. They supply complete business information of the entity along with business name, locality, contact info and the validating certificate authority name. This increases a potential customer’s confidence and makes it more likely that they do business on that particular site. It also increases conversions online. Below are the images showing how your website address bar will become different in all major browsers if your website carries an EV SSL Certificate.

The EV SSL certificate not only actively combats phishing attacks, but also increases consumer trust, reduces shopping cart abandonment and helps build a business’s long-term revenue. While all SSL certificates provide encryption, the EV SSL certificate provides the ultimate online security and significantly boosts consumer confidence. The green address bar is the ultimate internet standard for online businesses, book bloggers in India, and e-commerce sites.

About Author:
James Labonte is a Retail Director at The SSL Store™. The SSL Store™ is one of the largest SSL Certificate Providers in the World & authorized platinum partner of Symantec. You can reach James on Google+, Twitter and Facebook.

Categories
News

Eukhost Announces SSL Certificates on Monthly Billing Term

eUKhost Ltd. has announced the provision of SSL Certificates on a monthly billing considering the stringent IT budgets that most companies face these days. The flexibility to pay on a monthly basis would not only reduce the overhead costs but also allow users to utilize their resources effectively.

Feb 15, 2012 – Eukhost Ltd. (www.eukhost.com), a premium web hosting provider in the UK since 2001, announced the offering of SSL Certificates on monthly billing term with free malware monitoring. This update would allow users to safely transmit information over the web, keeping their budgets intact.

“An SSL Certificate is a must have for an eCommerce website”, said the Technical Officer at Eukhost Ltd.

“SSL is an acronym for secure socket layer and a standard of security technology that helps in establishing an encrypted connection between a web server and a web browser. It ensures that the information being transferred between the web server and web browser remains private and secure. Ecommerce websites offer exciting opportunities, but nowadays a lot of Internet users report security issues and are concerned about integrity of their private data, especially the payment details due to the increasing risks associated with online transactions. So, in order to help our customers who are running on a tight budget, we decided to help them by offering this product on a monthly payment term and play our part of helping them have a safer experience over the web.”, he further added.

Eukhost Ltd. claims that this product is capable of serving users ranging from SMEs to large corporations having an eCommerce business. The product comes with a Malware monitoring service which can detect injections before they can cause any damage to the website and further safeguard the data. The product can be availed irrespective of the web hosting service you choose; an SSL is installed on a server for a domain and it is compatible with both Linux as well as Windows platforms.

To know more about SSL Certificates, you can contact Eukhost via various mediums such as Live Chat, email them at sales@eukhost.com or give a call at 0808 262 0255.

About Eukhost Ltd.

Eukhost Ltd. is a premium web hosting company in the UK offering Fully Managed Web Hosting services to consumers and enterprises of all sizes. The web hosting services include Shared, Reseller, Virtual Private Server (VPS), Semi-Dedicated, Cloud Hosting and Dedicated Servers based on Linux as well as Windows OS platforms. More information is available at www.eukhost.com.