Don't Purchase an SSL Certificate! Read this First!

You want to buy SSL Security Certificates, but you're unsure of whether you are getting the correct one or not. Before you buy or renew your Securiy Socket Layer (SSL) certificate, please be aware.  They are NOT all the same and you should research your choices before you commit.

Should you pay or should you get a free SSL certificate?  Which type?  Who should you buy from? 

SSL stands for Secure Socket Layer and was created by Netscape back in 1994 as a means to ensure secure transactions between secure web servers and browsers.  The protocol is used for such transactions as payments and other data transfer that you want to ensure that there are no data "leaks".      Since then, a number of companies have arisen to provide the SSL webserver certificate for any Website that need s a secure website.     

What is the Process?

1. A user's browser requests a secure page (usually https://) from a server that claims to be secure.  The server has a public key (available to any browser that requests it) and a private key (only used by the server to decrypt a message when it receives an encrypted key)

2. The web server sends its public key with its SSL secure certificate that was issued to it by the Trusted Party.

3. he browser checks that the SSL certificate was issued by a trusted party (usually a trusted root CA like Verisign or Geotrust), that the certificate is still valid and that the certificate is related to the site contacted.

4. The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.

5. The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.

6. The web server sends back the requested html document and http data encrypted with the symmetric key.

7. The browser decrypts the http data and html document using the symmetric key and displays the information.

In other words, the web server gives the user's browser the tools needed to send it an encrypted message that the user knows can ONLY be read by the web server.   This "private" key component (that the web server does not share) ensures that the message will stay confidential

What are the components of the SSL Certificate Transaction?

We see from above that the components of the transaction involve:

a) Certificate

b) Public Key

c) Private Key

This is an accepted security process and one that is not taken lightly by the Trusted Party and the community at large.  The Trusted Root CA provider goes to great length to ensure that the company that has the certificate is the company that you are dealing with.

Why do we need Certificate SSL's?

1. To ensure that the website is who they say they are
2. That credit card numbers can be encrypted and not intercepted by a fraudulent party
3. That the data sent and received cannot be tampered with or forged.

Who are these Trusted Root CA (Certificate Authority) Providers?

The main providers are:

1. Verisign
2. Thawte
3. Geotrust
4. InstantSSL
5. Entrust

Next!  Don't sign up with the wrong provider!! See our Cert Provider Descriptions leading up to our Recomendation!

 Some topics that are an important part of the SSL certifikate registration process is wheather the network open security SSL is a consideration in the buy decision.  This security solution should not be overlooked and a variable weighting should be used in making your final choice.  Layer Secure Sockets or Secure Socket Layer are the terms used to describe the process of securing the transactions.  Note the Web Hosts that are hosting secure SSL certificates may or may not be an ssl accelerator, which is beyond the context of this website.  In addition, Open SSL, which is a full featured open soure toolkit for implementing SSL's are beyond the scope. We also do not differentiate with what the market perceives as Cheap Complete SSL Certificates.  While information can be gleaned from the pages within, it will not be explicity pointed out as all of our candidates have an excellent background.