The ABC of SSL – Super Duper Encrypted Security in an Age of Internet Commerce

Price for Progress

You have most probably viewed a digital SSL certificate in action by visiting sites where an “s” appears in the http:// of an address bar. The “s” stands for “secure” and indicates that data being exchanged by the web site and your Internet browser has been coded or encrypted. Additional proof of a secure web connection is provided through the appearance of a little padlock at the bottom of the browser. Internet Explorer 7 provides the added advantage of confirming a secure status through a color-coded address bar .

In case you have wondered how all this is articulated, wonder no more because we are here to tell you how.

Simple Definition

The abbreviation “SSL” stands for “secure socket layer” which is one of the many ways to code, scramble or encrypt online data. This form and level of encryption is achieved through the use of complex algorithms. Today, the standard level of encryption used when transmitting sensitive data over the Internet is called 256 bit SSL encryption. This form of digital data protection ensures that communication between a web site and your browser is first scrambled and coded at the point of departure and then subsequently decoded when it arrives at its chosen destination. In other words, even if the data is intercepted by a malicious software application or by a live individual, the data is not compromised in any way, shape or form.

SSL Certificate Wish List

Like everything technical, SSL certificates come in various strengths and combinations. Which SSL certificate is best for you depends largely on the type of e-commerce company you operate, your transaction volume and the level of browser access you wish to provide to your customers. Your SSL certificate vendor is in a position to perform a needs assessment on your site and recommend the right digital SSL certificate for you.

Standard SSL Certificate

For starters, there is the simple, garden variety vanilla SSL certificate which provides protection only to a single domain also known as FDQN or Fully Qualified Domain name. The most popular versions of web browsers currently in use such as Internet Explorer, Mozilla Firefox, Opera and Safari are fully compatible with this certificate. This SSL certificate is incompatible with sub-domains. If you have more than one sub-domain which you need to secure, you have a better option available which we will explore in a moment.

SGC SSL Certificate

The second category of digital SSL certificates is called the SGC certificate. SGC stands for server gated cryptography and essentially allows you or your online customers to use old 40 bit legacy browsers to step up to 128 or 256 bit capacity and thus provide an added layer of security. This SSL certificate costs much more than the starter SSL certificate described above and may not be worth the extra expense.

EV SSL Certificate

EV SSL certificates provide an unprecedented level of security and protection through confirmed identity assurance. Until the advent of this certificate, your customers had no visible indication on the browser to confirm that you were a legitimate and a verified enterprise. EV SSL certificates work in tandem with all popular browsers and indicate through a symbol of trust, a green address bar or even a clearly spelled out message, that your corporate identity has been verified by the SSL certificate authority. This process of verification is implemented by asking you to submit corporate documentation such as licenses, articles of incorporation, bank statements, phone bills and other forms of verifiable evidence. Internet Explorer 7 currently provides the maximum amount of information to site visitors about the nature of this SSL protection. The address bar in Internet Explorer 7 has been programmed to change colors to reflect the security level of the connection. The address bar turns green when the SSL encryption is fully in place. Additionally, this browser also displays the name of the SSL certificate provider as well as the name of the certifying authority. Since these attributes are available only in EV SSL certificates in conjunction with Internet Explorer 7, investing in this class of SSL certificates is worth a serious consideration. If you happen to be an established Internet commerce company and have the funds to invest in this class of SSL certificates, this might be the right protection package for you and your customers.

Wildcard SSL Certificate

A wildcard digital SSL certificate is ideal for you if you have a need to secure a primary domain and a host of sub-domains through data encryption. Under normal circumstances, SSL certificates tend to secure only a single primary domain or a sub-domain. For instance, if you had one primary domain such as [] and two sub-domains such as [] and [], you would have to invest in three separate SSL certificates. A single wildcard SSL certificate, on the other hand, can protect not only the primary domain but an unlimited number of sub-domains. This results in significant cost savings for those who need this level and quality of protection.

SSL Certificate Bottom Line

Digital SSL certificates can start from as low as $70 and can go all the way up to several thousand dollars depending on the class and strength of certificates you require. SSL certificates have a dated validity and usually expire in one year. To save money, it is best to purchase certificates with multiple year validity and shop around carefully during renewal time. The price for an SSL certificate typically includes the cost of customer support, trouble shooting and a warranty to cover losses arising out of protection failure in rare instances.

To Buy or not to Buy

SSL Certificates – Do You Need One For Your Site?

SSL stands for secure socket layer and is a protocol for managing the secure interactions between a web browser and a web server; it works by encrypting such information as credit card numbers, logins, passwords and the like. Banks and online merchants use SSL to maintain the security of their websites.

If you sell products or services directly from your site and except credit card payments it’s a good idea to have SSL; it instills confidence in your customers by making them feel safe to use their credit cards on your website. SSL is also necessary if you have created a Canvas or Page Tab app in facebook, such as a welcome page. Facebook requires secure connections to ensure all those using HTTPS (SSL cert.) still have the same functionality of HTTP users (non-secured).

Before you can begin you will need to verify that your hosting account supports SSL. You will also need to purchase an SSL certificate from a retailer; be aware that there are many grades of SSL certificates to choose from, most people will do fine with the basic level. Once you’ve purchased a certificate you will need to install it onto your server.

There are a number of methods to install SSL onto your server depending on the type of software your hosting company uses. This article will go over installing SSL using cPanel. CPanel is a web-based administration tool that is supplied by many hosting companies and is used to setup and control a web page or site.

Private Keys

The first step is to create a private key. A private key is a string of characters that a computer uses to encode or decode encrypted messages it receives. The private key file must be used with the specific SSL certificate for which it is created. This private key is secret and should not be given out. There is no way to recover a private key file if it is lost.

  1. Login to your cPanel control panel, the information on how to do this was supplied by your hosing company.
  2. Click on SSL / TLS Manager Icon in the security window.
  3. Scroll to the bottom of the screen and select the domain name you want the SSL installed on.
  4. Select the key size, the bigger the key the more secure.
  5. Finally, click Generate to create your new key and click “Return to SSL Manager”.

SSL Certificate Signing Request (CSR)

A CSR is a request which you send to a certificate retailer asking them to grant you an SSL certificate. You must have a key before generating a CSR.

  1. Under “Generate a New Certificate Signing Request” select the Host; the site the SSL is to be installed on.

Fill in all the required information

  1. Country
  2. State
  3. City
  4. Company – you can use the name of your website.
  5. Company Division – you can use the niche you are working in.
  6. Email address – this is where the SSL certificate will be sent
  7. Pass Phrase – Not required, it’s a challenge password used by Apache at startup to decrypt your SSL private key.

Once all the information is complete click the “Generate” button to create the certificate. Make a copy of the CSR, you will need it when purchasing the SSL certificate and then click “Return to SSL Manager”.

Purchase SSL Certificate

Cpanel is now ready to accept a new SSL certificate. Do a search for “SSL certificates” to find a retailer.

  1. Purchase a certificate and fill in the required information.
  2. You will be asked to paste the CSR that you generated in cPanel into a form to complete the transaction.
  3. Confirm you are the site owner – each retailer will be a bit different, some may have phone confirmation others will have email or both.
  4. Once you have confirmed you are the owner of the site the retailer will send you the SSL certificate and an intermediate CA certificate which you will install using cPanel.

Install the Certificate

Know that you have all the certificates you are ready to install them on cPanel. Copy the certificates you received from your retailer and the key you generated at the beginning into a word pad document for easy access.

  1. Go back to cPanel and the SSL / TLS Manger
  2. Click the “Setup a SSL certificate to work with your site” at the bottom of the page. If this link does not appear contact your hosting company.
  3. Select your domain from the drop down menu.
  4. Copy the SSL Certification and paste it into the “Certificate (CRT)” window.
  5. Copy the Key and paste it into the “Key (KEY)” window.
  6. Copy the intermediate CA and paste it into the “Ca Bundle (CABUNDLE) window.

With all the certificates and the key in place click the “Install Certificate” button. If no errors where made you will get a confirmation that the SSL certificate was installed. Keep in mind that each retailer may name the certificates in a slightly different manner.

If the retailer has a site seal that you can apply to your website that confirms you have SSL, I suggest doing so because it gives your visitors and customer’s piece of mind while they shop on your site.

If you run into a problem simply erase and start again, cPanel looks very intimidating but it is fairly user friendly. Give yourself a few hours to accomplish the entire process from shopping for the certificate to the installation. With the SSL installed your customers can now shop on your site with the confidence that their private information is safe.

Article Source: