Secure Sockets Layer Encryption (SSL) Explained
BACK TO HOMEPAGE
What is SSL?
SSL (Secured Socket Layer), is used for sending and receiving sensitive information such as Credit Card information across the World Wide Web. It ensures encrypted/secure communications between the client and receiving server. The SSL protocol supports the use of a variety of different cryptographic algorithms, or ciphers, and most of which provide 40, 56, or 128 bit encryption security.
Key-exchange algorithms like KEA and RSA key exchange govern the way in which the server and client determine the symmetric keys they will both use during an SSL session. The most commonly used SSL cipher suites use "RSA" key exchange, which many of you have probably seen displayed on numerous websites, and next to a provider called "GeoTrust", who issues the SSL Server Certificates. A certificate is used to officially identify you as a legitimate SSL enabled website, and displays your name as the certified holder when visitors check it.
When to use SSL?
SSL is not generally, nor should it be used for all pages on a website. SSL is most commonly used for the sending and receiving of sensitive information such as credit cards, membership ID's, or customer billing information access. SSL need only be used on the "particular" page where the secure activity is taking place. ALWAYS use SSL when asking for credit card information. If visitors do not observe the https:// appearing on the form URL, and the "SSL Symbol" does not illuminate in their browser, they won't be doing a whole lot of business with you. No one wants his or her credit card information intercepted and stolen as the result of a site not using SSL encryption!
SSL Usage? Dedicated VS Shared?
Dedicated SSL means you will be able to access your website in secure mode the following way
https://www.domain.com/
:: Notice the S in the end of http ::
Anything you have in the public_html folder will be and can be accessed securely using the https://
Tthere is no such thing as a folder to put secure stuff in, basically anything in the public_html can be accessed this way.
Shared SSL is basically using and sharing an SSL certificate of a dedicated SSL domain.
For example if you have a reseller plan and your domain is www.hosta.com and you buy a dedicated SSL for your domain you can access your dedicated SSL like so https://www.hosta.com
Then any one of your cleints can access shared SSL using your certificate like so
https://www.hosta.com/~YourClientCpanelUsername/
If you have an order form where you wish to process something securely for your main dedicated SSL domain it could be:
https://www.hosta.com/orderform.html
Or for your client
https://www.hosta.com/~User1/orderform.html
Alternatively you can use the shared SSL we have installed on our servers:
Example: https://dime12345.dizinc.com/~username/
For those of you on our Dime9 server
https://dime9.dizinc.com/~username/
Of course, the shared SSL must be used in a way which displays the hostname of the server.
If you do not like this, then a dedicated SSL created for your reseller domain to be shared among your clients using your SSL would be the solution.
Anytime you will be using a website for online business, we strongly encourage to buy your own dedicated SSL so that your customers will not doubt that they are sending their information to a trusted organization.
|
