
Digital security certificate: what is it for?

SSL (Secure Sockets Layer), a protocol for encrypting data exchanged between client and server, has become the most common method of protection on the Internet. It was originally developed by Netscape. Secure exchange is provided by encryption and by authentication of a digital certificate. A digital certificate is a file that uniquely identifies a server. A digital certificate is usually signed and certified by specialized centers, which are called certificate authorities or certification authorities.



What is an SSL certificate?


Many have probably heard about SSL certificates, but not everyone clearly understands what they are and why they are needed. In essence, an SSL certificate is a digital signature of your site confirming its authenticity. Using a certificate protects both the site owner and the site's clients. An SSL certificate allows the owner to apply SSL encryption technology to the site.

Thus, the purpose of an SSL certificate is to ensure a secure connection between the server and the user's browser, to reliably protect data from interception and spoofing. The certificate is used to encrypt data and identify the site when establishing a secure HTTPS connection.
Information is transmitted in encrypted form, and it can only be decrypted using a special key, which is part of the certificate. This ensures data integrity. Visitors to the site are entitled to expect that their information, if it is important, will be protected by an SSL certificate. They may leave your site if they see that it is not protected. If the site has an SSL certificate, a lock icon appears in the browser's status bar.


How HTTPS works (the SSL sequence of actions):

- The user opens a secure site;
- DNS is checked to determine the IP address of the website's host;
- The website's record is found, and the browser goes to the host web server;
- The browser requests a secure SSL connection from the website host;
- The host responds with a valid SSL certificate;
- A secure connection is established, and the transmitted data is encrypted.

Protection for business and customers


What sites need SSL protection? Almost all of them, and especially those most susceptible to attacks: the resources of financial institutions, major brands, and sites that work with personal data and payment information.

SSL certificates are used not only by banks and financial organizations, payment systems and such government portals as the website of the Federal Tax Service (FTS) and gosuslugi.ru, but also by online stores and even by private individuals and individual entrepreneurs.

What benefits does an SSL certificate give a business? When certificates and the SSL protocol are used, the data sent and received while visiting websites is encrypted and an authentication procedure is applied. This gives users some confidence that the personal data they enter, such as telephone and bank card numbers, will not fall into the wrong hands. Because each certificate is unique, SSL certificates also make it much harder for fraudsters to use phishing schemes.

The site owner also need not worry that customer data will leak as a result of interception or a man-in-the-middle attack, threatening the reputation of the business and even the company's continued existence.


1. Standard HTTP is replaced with HTTPS. This indicates that SSL is used in the connection between the server and the browser.
2. The address bar turns green, indicating that Extended Validation SSL is used on the website.
3. A yellow lock with a closed shackle means that the connection between the server and the browser is secure. If the lock is open or missing, the connection does not use SSL.
4. When an Extended Validation SSL certificate is used, the company name is displayed in the address bar.

An SSL certificate guarantees the protection of all information exchanged between the site and the user's browser, and thus protects your business. This is especially important for financial and online transactions. The indirect benefits are growing confidence in your business, increased sales and protection of business information.

Ultimately, an SSL certificate helps to gain the trust of customers. If they know that their information is protected, they are more likely to want to deal with your company.


According to a study conducted by GlobalSign, 84% of users would not make purchases on a site without a secure connection, and 48% check how safe a site is before entering personal data.

The lock icon and the letters HTTPS in the URL of your site indicate that it is secure. The green address bar of a site with an Extended Validation SSL certificate is even stronger evidence of the reliability of the resource. Visitors will know that they have reached exactly the site they intended, and that the information they enter will remain private.

In addition, sites confirmed by certificates occupy higher positions in search engine results than competitors without SSL. In 2014, Google announced that it would take the use of HTTPS (the letter S stands for the use of an SSL certificate) into account when ranking sites. That is, if the site does not have an SSL certificate, it will not occupy high positions in search results and will not be able to attract a large number of visitors.

Where to buy an SSL certificate?


Certificates are usually purchased not directly from the certification authority, but through partners. In Russia, many companies sell certificates from well-known certification authorities (CAs), such as Comodo, Geotrust, GoDaddy, GlobalSign, Symantec and others. The root SSL certificates of these CAs are preinstalled as trusted in all popular browsers. There are also unique offers. REG.RU, as a GlobalSign partner running a joint SSL development program with this company, can offer certificates from this leading CA, from the basic to the advanced level.

As a rule, partners have contracts with different certification authorities, which makes it possible to select the certificate with the best price (in rubles) and characteristics, and to receive discounts and the assistance of experienced specialists when choosing a certificate and installing it on the server. For some customers the brand matters: the company name in the certificate.


To see detailed information about the SSL certificate, the user simply clicks on the lock icon and selects “View Certificate” in the menu. Browsers may vary, but the certificate always contains the same information.

Not all SSL certificates are paid. For example, when registering a domain or buying a hosting service, REG.RU clients can get an SSL certificate for free. Also, a nice bonus is available when you connect to Yandex.Kassa. It is worth noting that the free certificate is issued for one year.


According to Netcraft, in 2015 about a third of the SSL certificates in the world were issued by Symantec, which was 10% ahead of GoDaddy. The top three certification authorities (CAs) account for over 3/4 of the SSL certificates used on the Internet.

According to our calculations, counting second-level domains only, about 144 thousand SSL certificates were in use in the .RU domain zone in 2015. Only 30% of them are valid, that is, verified by CAs. All the others do not guarantee protection from interception of user data. Sales of SSL certificates in Russia reach about 6.2 billion rubles per year. According to Mozilla, as of December 2015 HTTPS was used by 40% of the sites in the world and in 65% of transactions.


The SSL certificate is issued by the certifying center - an independent party that verifies the accuracy of the information specified in the certificate: whether the domain name really belongs to the company or the natural person for which it is registered; the authenticity of the site for which the SSL certificate was issued, etc.

SSL Certificate Verification Levels


There are certificates with different levels of verification. A certificate with simplified verification, DV (Domain Validation), is suitable for protecting users' personal data. A domain-validated certificate is the lowest and cheapest level. It is available to individuals and legal entities, is issued to the owner or administrator of the domain name, and simply confirms this domain name.

The next level is the OV (Organization validation) certificate for organizations, which is used to verify the connection between the domain name, the domain owner and the company using the certificate. That is, such a certificate certifies not only the domain name, but also the fact that the site belongs to a truly existing organization.

For a more thorough verification of the company and its authority to purchase certificates, so-called Extended Validation (EV) certificates are used. This is the most prestigious type of certificate, and such certificates inspire the most trust. For example, DigiCert, one of the leading certification authorities, sells OV and EV certificates. GlobalSign partners offer SSL certificates of various levels, including the highest.


After an Extended Validation certificate is installed, the address bar in the browser turns green, which is a visual indicator of the site's reliability. The certificate contains the name of the organization and the name of the certificate authority that issued the certificate.

The green address bar is an indicator of the legality of your business. An Extended Validation certificate does more than protect against fraudulent sites. While domain-validated certificates provide only encryption of the connection, certificates of the highest category also give your clients confidence in the legitimacy of your business. When an EV certificate is issued, a very thorough check of the organization is carried out, including a check of its activities, its compliance with official documents, and its rights to use the domain name. Therefore, enterprises that use Extended Validation certificates enjoy great success in the market. As already noted, to find out which certificate you are using, the client simply clicks the lock icon in the browser bar.

This diagram shows the shares of DV, OV and EV certificates at the main certification authorities. DV certificates account for about 70% of all types of certificates; EV accounts for less than 5%.

There are certificates for a single domain, certificates for several domains (SAN), and certificates for all direct subdomains of the selected domain (Wildcard).
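The verification levels and the SAN and Wildcard coverage described above, as an added Python example that is not part of the original article. It works on the dictionary layout returned by `ssl.SSLSocket.getpeercert()`; the sample certificates and `example.test` names are constructed, and inferring the level from subject fields is a heuristic assumed here.

```python
# Added example; every certificate below is constructed, not a real one.
# Dict layout follows what Python's ssl.SSLSocket.getpeercert() returns.

# Subject fields that only EV certificates carry (OpenSSL may print the OID).
EV_ATTRS = {"businessCategory", "jurisdictionCountryName",
            "1.3.6.1.4.1.311.60.2.1.3"}

def subject_attrs(cert):
    """Flatten the nested subject RDN tuples into a {name: value} dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}

def validation_level(cert):
    """Heuristic (assumption): infer DV/OV/EV from the subject fields present.
    The authoritative marker is the policy OID, which getpeercert() omits."""
    attrs = subject_attrs(cert)
    if "organizationName" not in attrs:
        return "DV"          # only the domain name was verified
    return "OV" if EV_ATTRS.isdisjoint(attrs) else "EV"

def name_covers(pattern, host):
    """True if one DNS name from the certificate covers host. A wildcard
    replaces exactly one left-most label: direct subdomains only."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    first_label, _, parent = host.partition(".")
    return bool(first_label) and parent == pattern[2:]

def cert_covers(cert, host):
    """Check host against every DNS entry in subjectAltName."""
    return any(kind == "DNS" and name_covers(value, host)
               for kind, value in cert.get("subjectAltName", ()))

DV_WILDCARD = {"subject": ((("commonName", "*.example.test"),),),
               "subjectAltName": (("DNS", "*.example.test"),)}
OV_SAN = {"subject": ((("organizationName", "Example LLC"),),
                      (("commonName", "example.test"),)),
          "subjectAltName": (("DNS", "example.test"), ("DNS", "shop.example.test"))}
EV_SINGLE = {"subject": ((("businessCategory", "Private Organization"),),
                         (("jurisdictionCountryName", "RU"),),
                         (("organizationName", "Example LLC"),),
                         (("commonName", "www.example.test"),)),
             "subjectAltName": (("DNS", "www.example.test"),)}

if __name__ == "__main__":
    for host in ("shop.example.test", "a.b.example.test", "example.test"):
        for cert in (DV_WILDCARD, OV_SAN, EV_SINGLE):
            print(host, validation_level(cert), cert_covers(cert, host))
```

The wildcard certificate covers `shop.example.test` but neither `a.b.example.test` nor the bare `example.test`, which is why the bare domain is normally listed as a separate SAN entry.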

SSL certificates in Russia


According to the analytical service StatOnline.ru, out of 3,286,782 sites in the .RU zone (at the end of February), only about 60 thousand resources (or about 1.8%) have SSL certificates verified by certification authorities. The rest use self-signed or invalid certificates, or do without this type of protection altogether.

REG.RU and one of the oldest international certification centers GlobalSign have launched a program to promote secure data transmission on the Internet. It is designed for both owners of Internet resources and ordinary users from Russia and the CIS.

Together with GlobalSign, we intend to create a culture of secure transmission of information. A key element of the program is to increase the availability of SSL technologies and to provide site owners with up-to-date security tools.

SSL certificates have also drawn the attention of the country's leadership. According to the media, Russia may create its own state certification authority to issue them. Reportedly, such work is already underway. But for this, browser manufacturers would have to be obliged to pre-install a special root certificate in their products.

So what is the value of HTTPS and SSL? Why is it necessary when site visitors do not need to enter confidential information or make payments? At the very least, to rise higher in the search results. User confidence is also a factor that cannot be discounted. Adding SSL to a site is not technically difficult, and it is not a financial burden. An SSL certificate is a simple and economical way to protect your website and online transactions, making it more secure for users. Today, SSL has become one of the most important measures for ensuring the security of sites and an internationally recognized industry standard.

Source: https://habr.com/ru/post/280878/

