Hosting 4 Less offers an extensive array of web security products to website authors and software developers. If you’re building and maintaining a website or developing programs, security is part of your job. Internet users are increasingly more concerned about security and demand that the sites they visit and the products they purchase be secure. In a competitive marketplace like the Internet, if your site isn’t secure or your code isn’t signed, buyers will abandon your site in favor of a competitor that they feel they can trust.
If you’re not familiar with SSL Certificates or Code Signing, read on. We’ve tried to cut through most of the technical jargon to give you a quick explanation that will help you understand why SSL Certificates and Code Signing are important to you and your business. After you have a better understanding of what these tools are, and how they’re used, you can purchase the appropriate SSL Certificates or Code Signing Certificates products right here, at Hosting 4 Less.
The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party Certificate Authority (CA), to identify one end or both ends of the transactions.
In a nutshell, the information being passed back and forth is encrypted and decrypted in a number of ways to be sure that it’s kept private. Here’s how it works:
- A web browser requests a secure page (usually with an address that starts with https://).
- The web server sends its ‘public key’ (special block of code that identifies the sender) with its certificate.
- The browser checks that the certificate was issued by a trusted party (A Certificate Authority such as Digicert, GeoTrust or RapidSSL), that the certificate is still valid and that the certificate is related to the website contacted.
- The browser then uses the public key, to encrypt a random encryption key and sends it to the server where the site is hosted with the encrypted web address as well as some other encrypted http data.
- The web server decodes information using its private key and uses the symmetric key to decrypt the web address.
- The web server sends back the requested web page and other information encrypted with the symmetric key.
- The browser decrypts the http data and html document using the symmetric key and displays the information.
The purpose of this exchange is two-fold:
- To verify that the site that is being visited has been verified to be who they claim to be.
With the advent of ecommerce, online transactions of personal and financial information have become the target of criminals that can create exceptionally accurate impostor websites where viewers unknowingly divulge information that is used for identity theft and other criminal activities. - To encrypt transactions so that they cannot be intercepted.
The Internet passes data over long distances. During transmission, the packets of data being transmitted are in danger of being intercepted. Data encryption uses sophisticated encoding/decoding processes to make the data nearly impossible to decipher without the proper keys.
Utilizing an SSL Certificate to secure exchanges of personal or financial information is simple and relatively inexpensive. Web users that intend to conduct business on the Internet have an expectation that the site will be protected by an SSL Certificate and will generally refuse to submit information on sites that are not secured.
RapidSSL is a 128 / 256 bit single root SSL certificate. RapidSSL owns the root used to issue RapidSSL certificates making it a stable SSL offering. RapidSSL is already present in the IE 5.01+, Netscape 4.7+ and Mozilla 1+ browsers and many other new Windows and Mac based browsers. At a very special low price, RapidSSL is an ideal solution for securing websites conducting lite levels of ecommerce.
More RapidSSL Certificates
GeoTrust SSL Certificates are the most convenient and cost effective solution for any business that needs to conduct secure online transactions. These certificates enable up to 256-bit encryption. These SSL certificates come with a $500k warranty, a dynamic site seal and have a 99+% browser compatibility.
More GeoTrust SSL Certificates
Digicert SSL Certificates protect the transfer of sensitive data on Web sites, intranets, and extranets using a minimum of 40-bit and up to 256-bit encryption (the highest that each individual browser will allow). The Digicert Secure Site SSL Certificate includes a $1,500,000 warranty and the Norton Secured Seal.
More Digicert SSL Certificates
Code Signing is the process of digitally signing computer programs and scripts to confirm the identity of the software author and guarantee that the code has not been altered or corrupted since it was created by the software’s original author. Third-party companies (Such as Digicert and Thawte) verify the author and provide tools to time and date-stamp the code.
Code Signing can provide several valuable features. The most common use of Code Signing is to provide security when distributing software through the Internet. Code Signing implementation uses a digital signature mechanism to verify the identity of the author or build system, and a means to verify that the object has not been modified. It can also be used to provide versioning information about the program or to store other meta data about an object.
For software developers that intend to publish and/or sell their products online, a Code Signing Certificate gives them the ability to assure people that are purchasing from them, that the software they are installing has not been tampered with or altered by hackers. With the widespread concern over “malware” being spread through the Internet, it is in a developer’s best interest to utilize code signing to protect their products and assure buyers that their purchases are safe.
Digicert® Code Signing Certificates protect your customer, your brand, and your intellectual property by making your applications identifiable and harder to falsify or damage with a time-stamped digital signature certified by the most trusted security brand on the Internet (Tec-Ed Whitepaper, PDF, Oct. 2007).