Free with any Earth Skater E-commerce website (or)

Earth Skater SSL

$75 US + FREE installation
 

A Web Server Certificate permits securer communication between a client and a server (say a customer's browser and a web retailer's server) or two servers (any servers who want to "talk" securely amongst themselves). Simply stated, a web-certificate is a digital document that has unique codes to identify the holder of the certificate to the person accessing the site.

A Personal Certificate is issued to individuals to certify their identity. One can use them to digitally sign email, documents, jar files etc. to prove that they were the author, and that the files have not been tampered with.

Total Web Designs will be offering web certificates. Personal Certificates may be offered at a later time along with other security products.

2.How does a web-certificate work?

A Web-certificate functions as follows:

• Whenever anybody transacts with a "secure" web-site, their browser (or server) authenticates the identity of the web-site using the web-certificate
• If the site's certificate is not valid, a warning is issued to the user, otherwise the web-cert creates an SSL (Secure Server Layer) session and encrypts any information exchanged during that session
• This prevents communication from being intercepted and deciphered by nefarious people on the Internet.

3. Can you explain "how a web certificate works" in "Plain English"?

Basically, when two parties (say a customer and the Amazon.com web-site) wish to "talk" securely (transfer the customer's credit-card number to Amazon.com), then a web-certificate sets up a "secure" session that first verifies the true identity of the party that requests data transfer (Amazon.com).

If a certificate is valid, the other party (the customer) gets a message saying that its OK to "talk" to them (Amazon.com), as they are who they say they are. The other party (customer) then transfers the info (CC number) securely, without fear of any nefarious elements intercepting the data.

If the certificate is invalid, a message pops up saying so. Transactions can still occur, but at the risk of counter party fraud (It may be joesbooks.com tying to appear as Amazon.com)

4. How can someone tell whether a website is using a web certificate or not?

The pages of a web-site which are secured by a web-certificate are characterized by the following traits:

• The URL of the secure web-pages change from http://... to https://
• A lock symbol appears in the lower left-hand (right hand) status bar in Netscape Navigator (Internet Explorer).

If one wants to view and verify the encryption information of the secure pages, one should simply undertake the following:

• In Netscape - click on the lock symbol above and select "View Certificate" button
• In Internet Explorer - double-click on the lock in the lower right-hand status bar.

5. How are your web certificates trusted by the browsers?

Our web certificates are automatically and transparently trusted by browsers. This trust is established because our supplier's Root Certificate has been embedded in all major browsers.

6. What browsers will my web certificate work with?

The web certificates we issue work with 99% of the browsers in use today.

7. How do your web certificates work for different versions of browsers?

Netscape 4.72 and newer - The root certificate is embedded in this browser
Netscape any version before 4.72 - The root certificate has been cross certified by a CA that is embedded in this browser
Internet Explorer 5.01 and newer - The root certificate is embedded in this browser
Internet Explorer any version before 5.01 - The root certificate has been cross certified by a CA that is embedded in this browser

Cross Certification: The process by which two Certificate Authorities (CA) certify each other's trustworthiness.

8. How long does it take to get a web certificate?

Companies will usually receive a web certificate within three business days after the verification has been complete. The verification period varies and relies greatly on the information provided by the company during the application process. The entire process can take up to 1 week or longer.

9. How strong are your server certificates?

Our server certificates are 1024 bit capable and support 128 bit browsers.

The strength of the public key in the certificate is defined by you when you generate the key pair for your server. If you generate a 1024-bit key pair and submit the associated CSR (Certificate Signing Request), then the certificate you receive contains the 1024-bit public key. If you generate a 512-bit key pair then the certificate contains the 512-bit public key.

10. Is my web certificate tied to my IP address?

No, server certificates do not contain any information about IP addresses. However, the domain name listed in the server certificate must match the domain name of the server on which the Web server certificate is installed. The domain name can be mapped to any IP address.

11. I am using several servers in a load-balancing configuration.  How many web certificates do I need?

You will need one web certificate for each of your secure servers (including any virtual servers).

How-To: Purchase your SSL certificate