Today there are three types of certificates that offer 3 levels of user trust for
Skybridge Domains uses SSL certificates from Comodo to generate the best trust online for your website security and utilising https.
- SSL/TLS negotiations: Domain Validated certificates (DV), Organization Validated certificate (OV) and Extended
- Validation certificates (EV).
- Domain Validated certificates are certificates that are checked against domain registry.
A Basic SSL Certificate Definition
While most website managers and IT professionals are very familiar with the use of Secure Socket Layer technology, there are many website owners and do-it-yourselfers that are starting out with small websites and learning on the job.
To provide security to a website, having a basic understanding of the different requirements to protect your website and eliminate hacking, phishing and spoofing is essential. This is done through the use of an SSL certificate. The understanding of this process starts with a basic SSL Certificate Definition.
The certificate is not really a certificate; it is a digital file of data that contains a special key. This key is bound to your organization’s details and it is granted by a Certificate Authority or CA to allow secure transfer of data to and from the website.
An Overview of History
The SSL actually stands for Secure Socket Layer. This technology was originally developed by Netscape way back in 1994. This was the first commercially available security feature to protect user information over the web.
Prior to this, there was no uniform security or protection offered through websites. Different security systems were in place, but they were not truly secure. Hackers were able to easily infiltrate these systems. The growing ecommerce market, which was then relatively small, made developing a secure data transmission method essential to their development.
With the development of Secure Socket Layer technology, an SSL Certificate Definition that was widely accepted and universally used came into existence. The use of SSL currently extends well beyond the early secure HTTP option to just address browsers and servers; now it can be used to secure all types of data transfer.
You may see an SSL Certificate Definition include the use of TLS. This stands for Transport Layer Security and is officially the name for the new generation of SSL, although many people don’t use the new term.
Why Use SSL Certificates?
Not all websites use a certificate, although this is rapidly becoming standard on all types of websites, even if the website doesn’t do any ecommerce business. This is because most online activity includes some form of interaction between the website and the user. This could be leaving your email information to make a comment on a blog or even when posting on social media sites.
For an ecommerce site, the very SSL Certificate Definition answers the question of why it is necessary. It provides your online customers with the confidence to enter debit or credit card information as well as to enter personal information. Without the SSL certificate, there is no security involved, which means any data transfer between the website, the browser and the server is completely open and unprotected.
How it Works
An SSL certificate is granted by a CA or a Certificate Authority. A CA can be a root CA, which means that the browser trusted store already has their embedded root. It can also be an Intermediate CA, which will be vouched for by a root CA.
When you request an SSL/TLS certificate for a website, you will generate two keys from your server in what is known as a CSR or Certificate Signing Request. There is other information about your organization that will also be provided to allow the CA to be able to verify the website and the company are valid.
One of the two keys is the public key. The public key is on your server and it is also part of the public domain. These keys will encrypt information, making it secure to transmit. The private key is needed to decrypt the information. The private key is not part of the public domain and only your server has the private key.
In this way, information from your website is locked or encrypted and sent to the server. Unless the public key matches with the information on the server, it cannot be unlocked. In this way, data security is maintained even with the most sensitive information.
Each end-user, the customer, uses a device to access your website. Their device will have a root certificate from a trusted CA that granted the SSL certificate of the Intermediate CA. There can be several Intermediate CAs, which form a chain, but as long as each one is verified by the one higher up the user will see the website is secure.
What To Do If A Current SSL Certificate Expired
Most websites today are using an SSL/TSL certificate to provide a secure connection to the server even if they are not handling a lot of confidential information. This means that even blogs, social media sites and collections of photographs online are all behind a Secure Socket Layer.
The reason this is so important is really twofold and starts with understanding what is SSL. First, people in the general public using these sites are very aware of security issues online. They look for a gold padlock or a green padlock and tend to distrust sites without any type of security indicator.
Additionally, and this is also very relevant and important, the Google algorithms for search engine rankings look for a security layer as well. Sites with this feature are going to be found higher in the rankings because they are secure. This benefits Google as it becomes a more trusted search engine as the sites it lists on the results pages are also secure. This creates a cycle of repeat traffic, movement up the organic search engine rankings for the company, which is also ideal.
The Basics of the Certificate
An SSL/TSL certificate is only approved by a CA (Certificate Authority) for a specific website with a specific domain owner at its most basic level. This is called a domain validated certificate. For higher levels of security that confirm the domain ownership and other information about the business or the person owning the site, there is the organization validated and the extended validated certificates.
The EV SSL is the highest level of security and includes the iconic green address bar. This is only available for corporations, businesses and other specific types of entities. It requires the most comprehensive validation and verification process and everything must be documented as accurate and current.
Each SSL certificate is only good for a specific amount of time. For the free SSL options offered by our competitors, this is as little as 30 days, while for ours it is a full 90-days from the day of application. The SSL file is generated in just minutes, so it can be installed and used immediately.
For all paid SSL/TSL certificates the person applying for the product will indicate the duration of the certificate. Depending on the type of SSL product this can be one, two or three years.
After this time is up, visitors to the website will find the SSL certificate expired. Actually, what they will notice is there is no SSL product on the site, so the padlock is gone as is the site seal.
We Can Help
If you have discovered the SSL certificate expired and you did not get the renewal email, we can still help you if you have a Comodo product. We have an automated system that will begin to contact all of our customers at about 60 days before the expiration date with information on how to renew and a convenient link.
Sometimes, due to email spam settings or other issues, these renewals are missed. If you have changed emails, you can still complete the renewals by logging into your account through the site and following the instructions.
For IT managers juggling multiple subdomains and main domains, we recommend using our CCM (Comodo Certificate Manager) utility. This is an automatic scan of the internal and external network to list all of your certificates by website, CA and expiry date. This can help to prevent any issues with an SSL certificate expired on your system.
To renew after discovering an SSL certificate expired, just generate a new CSR and provide your password. If you do not have your password, contact our staff via email and we can help to provide the information needed. You will need to use the email listed on the expired documentation.
Remember, when the SSL certificate expired it did so because the dates to cease functioning are coded into the SSL certificate. This means when you obtain the new or renewed SSL certificate you will need to install this in the system in order to activate. The information will always be displayed through the CCM or found by mousing over the Trust logo site seal or the padlock and clicking through to view the certificate.