Find answers to frequently asked questions about SSL Certificates and how they make the web a more secure place to do business.
What is an SSL Certificate?
An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail.
SSL certificates also inspire trust because each SSL certificate contains identification information. When you request an SSL certificate, a third party (such as Thawte) verifies your organization’s information and issues a unique certificate to you with that information. This is known as the authentication process.
Learn more: How SSL Works
Why does my website need an SSL Certificate?
SSL certificates keep online interactions private even though they travel across the public Internet, and they help customers gain the confidence to provide personal information on your website. If you ask users of your website to sign in, enter personal data such as credit card numbers, or view confidential information such as health benefits or financial accounts, you need to keep the data private. You also need to assure them that your website is authenticLearn more: Get Started with SSL.
SSL is also used for email servers, web-based applications, server-to-server communications and more. Go to Beyond E-Commerce.
What is encryption and why are there different levels?
Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key has more possible combinations. In fact, 128-bit encryption is one trillion times stronger than 40-bit encryption. When an encrypted session is established, the strength is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.
How does SSL make my web site more trustworthy?
An SSL certificate contains verified information about the web site it secures to help users confirm that they are communicating with your web site. Extended Validation is the industry’s highest standard of verification and provides the most visible assurance to users: the address bar turns green in high-security browsers.
When you display the Thawte Trusted Site Seal, users can click the trust mark to view web site identification information, the third party (such as Thawte) that verified it, and the expiration date of the SSL certificate. In newer browsers, web site identification information may appear when users hover over the address bar. They can also click the closed padlock icon.
Does authentication really matter?
Authentication means that a trusted third party (such as Thawte) has verified the identification information contained in your SSL certificate, assuring customers that your site is actually your site. Concerns about fraud and identity theft have made users more hesitant to share personal information with unfamiliar web sites. However, 86% of online shoppers feel more confident about entering personal information on sites using security indicators, such as a trust mark (Synovate/GMI, 2008).
Thawte is an established certificate authority and Thawte SSL Certificates include the globally recognized trust mark, the Thawte Trusted Site Seal. SSL Certificates [Compare All]
What is a certificate authority?
An SSL certificate serves as a credential in the online world. Each SSL certificate uniquely identifies a specific domain (such as thawte.com) and a web server. Trust of a credential depends on confidence in the organization that issued it. Certificate authorities have a variety of methods to verify information provided by individuals or organizations. Established certificate authorities, such as Thawte, are well known and trusted by browser vendors. Browsers extend that trust to digital certificates that are verified by Thawte.
What does browser compatibility mean?
When a browser or operating system encounters an SSL or code signing certificate, it checks to make sure that the certificate is valid and trusted. An SSL certificate is trusted if it is signed by a "trusted" or pre-installed root certificate. As an established, globally recognized certificate authority, Thawte root certificates have been pre-installed in most major browsers since 1996. Learn more: SSL and Web Browsers
What is a public/private key pair?
Encryption is a mathematical process of coding and decoding information. Each SSL Certificate contains a public/private key pair: a private key with the code and a public key used to decode it. The private key is installed on the server and never shared with anyone. The public key is incorporated into the SSL certificate and shared with web browsers. Learn more: How SSL Works
What is a certificate signing request or CSR?
A CSR is a public key that you generate on your server according to your server software instructions. (If you do not have access to your server, your web host or Internet service provider will generate it for you.) The CSR is required during the SSL certificate enrollment process because it validates the specific information about your web server and your organization. For help: Key and CSR Generation Instructions
Why choose Thawte?
Thawte is trusted by millions of people worldwide. When we issue an SSL certificate, we know that our name will appear next to yours as the trusted third party who verified it. We take that trust seriously and lead the industry with rigorous authentication methods and a global infrastructure to support real-time certificate look-ups.