Secure your Online Ordering with SSL Certificate.

Even in this day and age, people are still very insecure about ordering anything online. Although many people order and give their credit card data over the phone, they are still doubtful about ordering online. This article will show you what to look for to see if it is safe to order online, the common process by which orders are handled online, and the security required.

What The Web User Should Know:

Most people know to look for the padlock at the bottom of the web browser, which tells you that the web page is secure. Along with that padlock at the bottom of the web browser, the web page address should display https:// instead of http://. (The “s” stands for “secured”.)

How is a web page secure?

If you're going to run an online store or e commerce Web site, you should be aware of HTTPS - or Hypertext Transfer Protocol with Secure Sockets Layer. HTTPS is a protocol to transfer encrypted data over the Web.

There are two primary differences between how an HTTPS and an HTTP connection work:

HTTPS connects on port 443, while HTTP is on port 80

HTTPS encrypts the data sent and received with SSL, while HTTP sends it all as plain text

Most Web customers know that they should look for the HTTPS in the URL and the lock icon in their browser when they are making a transaction. So if your storefront is not using HTTPS, you will lose customers. But even still, it is common to find Web sites that collect money including credit card data over a plain HTTP connection. This is very bad.

As I said above, HTTP sends the data collected over the Internet in plain text. This means that if you have a form asking for a credit card number, that credit card number can be intercepted by anyone with a packet sniffer. Since there are many free sniffer software tools, this could be anyone at all. By collecting credit card information over an HTTP (not HTTPS) connection, you are broadcasting that credit card information to the world. And the only way your customer will learn it was stolen is when it's maxed out by a thief.

What about types of Browsers?

Internet Explorer used to control 90% of the market for web browsers, so naturally hackers and cheaters were attracted to attacking that browser to obtain information. So the safe alternative was to use a different browser like Firefox that was not very popular. But as Firefox gains popularity it will become a target as well. Its goal was to gain 10% of the market, and it is now pushing 20% according to usage statistics.

You would be interested in knowing that with a properly configured web site with the correct shopping cart script for collecting credit card information that connects to a merchant account gateway, the credit card number is never seen by the webmaster. It's true! I cannot see the process of filling out the information, and when I visit my merchant account online to view transactions I'm not shown the full credit card number. "But be warned on how people can work around this!"

How can they process a credit card that is insecure and/or see my credit card number?

If the page is unsecured. (HTTP instead of https and the lock is open on the bottom of the browser)

If they use a simple online form to ask for the information instead of a script (when the information is emailed out instead of processed). If the form is on an HTTPS page it would still be secured, but as soon as it is mailed it becomes unsecured, and if anything happens the web site owner could lose his merchant account and not be able to apply for a new one EVER AGAIN! I've seen customers use this way to process cards and manually enter them at their store. Needless to say I refused to create a site that operates this way for liability issues.

What's the process involved for getting a SSL Certificate?

Fill out the required information of name, address, phone number, etc.

You will get a 'phone authentication' call recording your voice stating your name for security and asking you to enter a 4 digit code that would be provided for you.

After that has been verified you can install the SSL Certificate.

After you’ve Got Your HTTPS Certificate

Your hosting provider will need to set up the certificate in your Web server so that every time a page is accessed via the https:// protocol, it hits the secure server. Once that is set up, you can start building your Web pages that need to be secure.

Here are some tips for using HTTPS:

Point to all Web forms on the https:// server. Whenever you link to Web forms on your Web site, get in the habit of linking to them with the full server URL including the https:// designation. This will ensure that they are always secured.

Use relative paths to images on secured pages. If you use a full path (http://www...) for your images, and those images are not on the secure server, your customers will get error messages that say things like: "Insecure data found. Continue?" This can be disconcerting, and many people will stop the purchase process when they see that. If you use relative paths, your images will be loaded from the same secure server as the rest of the page.

Secure only the pages that request and collect data. It is possible to run your entire Web site on https://, but it slows down the connection and some SSL providers charge you on the bandwidth secured. You should only secure those pages that collect data.
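The first two tips can be checked mechanically. The following is an added example, not code from the original article: it audits the HTML of a secure page for forms that do not submit to an https:// URL and for images, scripts or stylesheets loaded over plain http://. The `shop.example` host names and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Tags whose URL attribute makes the browser fetch a subresource.
SUBRESOURCE_ATTR = {"img": "src", "script": "src", "iframe": "src",
                    "audio": "src", "video": "src", "source": "src",
                    "embed": "src", "link": "href"}

# Constructed sample: a checkout page served from the secure server.
PAGE_URL = "https://www.shop.example/checkout/index.html"
SAMPLE_HTML = """
<html><body>
  <img src="images/logo.png">
  <img src="http://www.shop.example/images/visa.png">
  <script src="//cdn.shop.example/cart.js"></script>
  <link rel="stylesheet" href="http://static.shop.example/site.css">
  <link rel="canonical" href="http://www.shop.example/checkout">
  <form action="http://www.shop.example/order.cgi" method="post"></form>
  <form action="/secure/pay" method="post"></form>
  <form action="mailto:orders@shop.example" method="post"></form>
  <form method="post"></form>
</body></html>
"""


class SecurePageAudit(HTMLParser):
    """Collects (kind, resolved_url) findings while parsing one page."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            # A form without an action posts back to the page's own URL.
            target = urljoin(self.page_url, attrs.get("action") or "")
            # Anything other than https (http, mailto, ...) leaves the
            # submitted data unprotected at some point.
            if urlparse(target).scheme != "https":
                self.findings.append(("insecure-form", target))
            return
        attr = SUBRESOURCE_ATTR.get(tag)
        if attr is None:
            return
        # <link> only loads a subresource when it is a stylesheet.
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return
        ref = attrs.get(attr)
        if not ref:
            return
        # Relative and protocol-relative paths inherit the page's scheme.
        target = urljoin(self.page_url, ref.strip())
        if urlparse(target).scheme == "http":
            self.findings.append(("mixed-content", target))


def audit(page_url, html):
    """Return the list of findings for one page, in document order."""
    parser = SecurePageAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


if __name__ == "__main__":
    for kind, url in audit(PAGE_URL, SAMPLE_HTML):
        print(f"{kind:14} {url}")
```

The relative image path and the protocol-relative script pass because they resolve to the secure server, which is the behaviour the second tip relies on.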

For more information visit: ClickSSL.com

5 Steps to Build a Successful E-Commerce Website.

Start selling on the web in 5 easy steps. Covering design, shopping carts, merchant accounts, SSL, and promotion: everything a budding online merchant needs to know.

Selling on the web is just a few steps away. Though setting up an online storefront may seem like a monumental undertaking, having a game plan can make it far easier. This article will briefly touch on 5 steps, from building your site, setting up your storefront, getting a merchant account and SSL, to promoting it.

Step 1: Website Creation

If you don’t have web design skills, you can hire a qualified web designer to create a website for you, or you can use an online site builder. Think of it as hiring an architect and an interior decorator compared to setting up shop in an existing store.

Using a web designer

With the services of a web designer, you can have a unique website template and website customized to your specific needs. A web development team can also add features such as Flash headers or any programming needed for your site. If your company image is critical, a custom-designed site that conveys the right professional image is a must.

Using an online site builder

An online site builder is the budget way to go. With site builder programs such as Site Studio, your website can be online within minutes. A step-by-step menu allows you to choose a layout and colors, and then add a site description, a logo, and content. Your template may not be unique, but your content will be.

Step 2: Set up an e-commerce store

Your customers will browse at your website, select some items, and then pay for them. When you set up an e-commerce shopping cart, you’re providing a way for your customers to bring their purchases to the cash register. The program you choose will allow you to enter your products in the database and allow shoppers to choose products when they click on "Add to cart" or something similar.

Well-known shopping carts, such as osCommerce, allow you to do these tasks:
  • Add, edit, and delete product categories and other information
  • Set tax rates and charge tax
  • Receive payment via numerous online and offline payment processing methods
  • Bill customers and much more

osCommerce

osCommerce is an open source program. Store owners can set up their online stores using osCommerce with no costs involved. For small stores, it has all the features you need for an online store. Drawbacks of osCommerce are that customization is not easy, and online stores using osCommerce tend to look similar.

Step 3: Get a merchant account and payment gateway

Having a store stocked with products means little if customers cannot pay for them. The most trusted way to accept payment on the web is with a merchant account and payment gateway. Merchant accounts allow customers to enter their credit card numbers into the shopping cart and have the merchant charge their cards directly, without the aid of a third-party processor like PayPal. A payment gateway is the software used to facilitate and manage these transactions. Merchant accounts, like hosting packages and shopping carts, come in myriad forms, each suited to different needs. Always be sure the merchant account, payment gateway and shopping cart are compatible. If there's any doubt, the best place to inquire is with the merchant account provider.

Step 4: Create a secure payment environment

The store's potential customers have products to buy and a way to buy them, but they will be hesitant to do so if their personal and credit card information isn't secure. This is where SSL certificates enter the picture. Through an SSL certificate a customer's personal information and credit card number are encrypted when sent from their home browser, through the shopping cart, to the merchant account. This security gives customers peace of mind when doing business with the shop. With reports of identity theft and credit card fraud on the rise, there is simply no way an online store will be successful without a security certificate. There is little shopping to do here, as most security certificates provide an equal level of protection.

Step 5: Promote the Store

Your products are on display in your newly designed store, your shopping cart is set up and ready to use and you have everything in place to be able to receive payments securely. Now all you need are customers.

This is where marketing comes in.
  • Submit your site to search engines.
  • Advertise your site.
  • Keep your company name in front of your customers with a regular email newsletter.
  • Add more content to your website to keep it fresh.
  • Monitor your website traffic to see where it’s coming from and how you can increase traffic for key content areas.

Secure Multi Domains on a Single Server

Wildcard certificates can cover all first-level subdomains of a domain. A single Unified Communications Certificate can cover many different domains within a single SSL certificate.
Secure 5 to 25 Domains on a Single SSL Certificate
GeoTrust True BusinessID Multi Domain SSL secures a main domain, and up to 24 additional Subject Alternative Names, within a single certificate. A Unified Communications Certificate (UCC), also known as a Subject Alternative Names (SAN) certificate, enables up to 256-bit SSL encryption that supports secure transmission of sensitive data.
The following are only examples of names that would be secured by a Multi Domain SSL certificate. You can secure anything with Multi Domain SSL, as it fulfills 99% of SSL requirements.
  • www.yourdomain.com (Company Business Public Domain)
  • mail.yourdomain.com (Business Domain Email)
  • private.internaldomain.net (Internal Domain Name)
  • payment.yourotherdomain.com (Sub Domain on Public Domain)
  • anything.newdomain.com (Sub Domain Name)
  • www.otherdomain.com (Company Public Domain)
  • msexchange1 (Email Server Net-Bios Name)
  • server.local (Internal Private Test Domain)
  • 192.168.255.255 (Server IP Address)
  • mailautodiscover (Auto discover name for SMTP server)
  • www.anydomainown.com (Company another business Domain)
With a GeoTrust True Business ID Multi-Domain SSL certificate, you can add, edit, or delete up to 25 domain names over the lifetime of the certificate. Unified Communication products such as Microsoft Exchange, Microsoft Communication Server, Share Point and many more can be secured with this specially designed UC certificate.
With a Multi Domain SSL Certificate, you can add, edit and delete up to 25 domain names. ClickSSL offers Multi Domain certificates for 1 to 5 years at an affordable price. Every True Business ID certificate includes a dynamic GeoTrust True Site Seal with your company name and a real-time date/time stamp. When users of your online services see the seal and verify your name, they have more confidence to complete their transactions and trust your services. ClickSSL is a GeoTrust authorized reseller, so you know that you are going with the most trusted and reliable company in the SSL industry.
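To see what "first-level subdomains" means in practice next to a multi-domain name list, here is an added example (not from the original article or from any vendor tool) that checks which host names a certificate's name list covers. The matching rule is an assumption stated in the comments: a `*` stands for exactly one left-most label, which is how browsers treat wildcard names. The name lists reuse the example names above.

```python
import ipaddress

# Constructed certificates: one wildcard, one multi-domain (SAN) list
# built from the example names in the article.
WILDCARD_CERT = ["*.yourdomain.com"]
MULTI_DOMAIN_CERT = [
    "www.yourdomain.com", "mail.yourdomain.com",
    "private.internaldomain.net", "payment.yourotherdomain.com",
    "anything.newdomain.com", "www.otherdomain.com", "msexchange1",
    "server.local", "192.168.255.255", "mailautodiscover",
    "www.anydomainown.com",
]


def _as_ip(value):
    """Return an IP address object, or None if value is not an IP."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None


def san_matches(entry, host):
    """True if a single certificate name entry covers the host."""
    host_ip = _as_ip(host)
    if host_ip is not None:
        # IP addresses are matched exactly, never against wildcards.
        return _as_ip(entry) == host_ip
    e = entry.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(e) != len(h):
        # A wildcard never spans more than one label, so the number
        # of labels must be equal.
        return False
    if e[0] == "*":
        # Assumption: the wildcard replaces only the left-most label and
        # needs at least two fixed labels after it (no "*.com").
        return len(e) >= 3 and h[0] != "" and e[1:] == h[1:]
    return e == h


def covering_entry(san_entries, host):
    """Return the first entry that covers host, or None."""
    for entry in san_entries:
        if san_matches(entry, host):
            return entry
    return None


def coverage_report(san_entries, hosts):
    """Map every host to the entry that covers it (or None)."""
    return {host: covering_entry(san_entries, host) for host in hosts}


if __name__ == "__main__":
    hosts = ["mail.yourdomain.com", "yourdomain.com",
             "shop.mail.yourdomain.com", "www.otherdomain.com"]
    for name, cert in (("wildcard", WILDCARD_CERT),
                       ("multi-domain", MULTI_DOMAIN_CERT)):
        for host, entry in coverage_report(cert, hosts).items():
            print(f"{name:13} {host:26} -> {entry}")
```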

How to Look for Cheap SSL Certificates.

Secure Sockets Layer (SSL) is a protocol that protects your Web site and makes it easy for customers to transact with you. SSL provides security and an encrypted link between a web server and a web browser to make sure that all data transmitted is private. Many consumers recognize the "golden padlock" which shows that they are viewing a secure web page.

SSL certificates can provide you with non-forgeable proof of your website's identity, and customer trust in the integrity and security of your online business. Customers are aware of the advantages of SSL security and will often not purchase online from non-secure stores. All major online businesses use SSL security to encourage customers to buy online.

Security for your website

There are several SSL certificate vendors that offer cheap SSL certificates. The good thing about having one is that you will gain your customers' trust and attract more buyers, who will not hesitate to give their personal information on your website during the payment process.

You can find cheap SSL certificates that cost $11; prices mostly vary from $11 to as much as $1,000 or more. Why is there such a big difference? The main reason is that some certificate authorities have been around longer than others, so you can be sure that their certificates are worth it, because they already work in older browsers. Some certificates are directly signed by a trusted certificate, while others are chained from another intermediate certificate. This is not really a problem, as long as the company selling the chained certificate really does own the root certificate. Chained certificates are usually the cheapest SSL certificates. Different certificates give different levels of assurance to your website visitors about who you are. This is not really a major issue for most sites, because website visitors are generally happy as soon as they see the lock icon in the lower left corner of the browser window. A few certificate authorities claim to provide enhanced security to customers with very old computers.

The different types of SSL certificate you should buy are:

• If your website is intended to sell products to the public, and you have no special interest in serving users with very old computers, you can get by just fine with a chained, domain-only certificate from a newer certificate authority.

• If your website is selling products to the public and has a much larger audience than the webmasters in the first group, then the thought of a "small number" of users who cannot use newer certificates will be setting off alarm bells for you.

• If your website offers financial services, or requires especially private information from users, such as social security numbers and tax identity numbers, users are more likely to check the detailed certificate information.

Demand for reliable online security is increasing. Despite increasing online sales, many consumers still continue to believe that shopping online is less safe than old-fashioned shopping in stores. The key to establishing a successful online business or website is to build customer trust. Only when potential customers trust that their private information and personal data are safe with your business will they consider making purchases on the Internet.

Original Source : Article Base

Explanation of SSL (Secure Sockets Layer) and HTTPS

Processing transactions securely on the web means that we need to be able to transmit information between the web site and the customer in a manner that makes it difficult for other people to intercept and read. SSL, or Secure Sockets Layer, takes care of this for us, and it works through a combination of programs and encryption/decryption routines that exist on the web hosting computer and in the browser programs (like Netscape and Internet Explorer) used by the internet public.

SSL Overview from the Browser viewpoint:

The browser checks the SSL certificate to make sure that the site you are connecting to is the real site and not someone intercepting.

The browser and the web site server determine the encryption types that they can both use to understand one another.

The browser and server send each other unique codes to use when scrambling (or encrypting) the information that will be sent.

The browser and server start talking using the encryption, the web browser shows the encryption icon, and web pages are processed securely.

Internet communication typically runs through several program layers on a server before getting to the requested data such as a web page or CGI scripts. The outer layer is the first to be hit by the request. This is the high-level protocols such as HTTP (web server), IMAP (mail server), and FTP (file transfer).

Which outer-layer protocol will handle the request depends on the type of request made by the client. This high-level protocol then processes the request through the Secure Sockets Layer. If the request is for a non-secure connection, it passes through to the TCP/IP layer and the server application or data.

If the client requested a secure connection, the SSL layer starts a handshake to begin the secure communication process. Depending on the SSL setup on the server, it may require that a secure connection be made before allowing communication to pass through to the TCP/IP layer, in which case a non-secure request will send back an error asking the client to retry securely (or simply deny the non-secure connection).

The handshake is the most complicated part of the process, and while our example specifically uses HTTPS (web-based security), the same principles apply to other protocols.

The "handshake" syncs the server and the client up with the encryption methods and keys that will be used for the remainder of the communications. This is also where the server authentication is determined (and client authentication, if required by the server).

Typically it is enough to know that the server and client establish a secure connection, but the following is a rundown of what happens (again, with HTTPS and a web browser as the example):

The client's web browser sends the web site server its methods of encrypting data. This includes the encryption type, some random data that the encryption programs on both sides can use in the scrambling routines, and other SSL-related data.

The server returns its own random data to be used for encryption, as well as other Secure Sockets Layer information (including its SSL certificate with a long sequence of characters called a public key) that the browser will need.

The client's browser checks the information it received and compares it to the domain it was trying to connect securely with. If the secure certificate information on the web site doesn't match the domain name, the browser will warn the user that there is a problem. The certificate expiration date and valid certificate authority are also checked at this point.

The handshake finally creates the new key that the remainder of the connection will be encrypted with. The end product is then a transmission encrypted with a calculated key that is based on a combination of verified certificates.

The browser now creates a "premaster secret" that encrypts the rest of the session. This is a random key that it encrypts with the agreed-upon encryption method combined with the server's public key string that it received, and it sends the new encrypted secret string back to the server.

If the server requires client authentication, it is done at this point with the same steps but looking for a certificate on the client side rather than on the server side. Typically this is done in corporate environments.

With the new "premaster secret" string, both the browser and the web site server generate a new "master secret" string and use it to create session keys (long strings of generated characters) that their encryption programs use for the rest of the session to scramble and descramble (or encrypt/decrypt) all transmissions. With the master secret key in place, both sides are also able to verify that the data didn't change en route.

The browser now has the information it needs to establish secure communication, and it sends a message to the server saying that it will start using the new session key.

The browser (now talking in the encrypted mode) verifies to the web server that it is finished locking / securing its part of the session.

The web server then sends a message to the browser saying that it too will start using the new session key.

The web server (now talking in the encrypted mode) verifies to the browser that it is finished locking / securing its part of the session. The remainder of the SSL session gets processed between the browser and the web server using the agreed-upon encryption with the master secret string as the key.
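The key-derivation steps of the handshake, as an added example that is not part of the original article: both sides turn the premaster secret and the two random values into a master secret, session keys and the final verification value. The article names no concrete construction, so this assumes the TLS 1.2 pseudo-random function from RFC 5246 with an AES-128/SHA-256 key layout; all byte values are constructed, and the public-key encryption of the premaster secret in transit is left out.

```python
import hashlib
import hmac

# Constructed handshake values (a real handshake uses fresh random bytes).
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PREMASTER = b"\x03\x03" + bytes(range(100, 146))   # version + 46 bytes
# Stand-in for the concatenated handshake messages both sides have seen.
TRANSCRIPT = b"ClientHello|ServerHello|Certificate|ClientKeyExchange"


def p_sha256(secret, seed, length):
    """RFC 5246 P_hash: HMAC chained until `length` bytes are produced."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()          # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def master_secret(premaster, client_random, server_random):
    """48-byte master secret from the premaster secret and both randoms."""
    return prf(premaster, b"master secret",
               client_random + server_random, 48)


def session_keys(master, client_random, server_random):
    """Split the key block into per-direction MAC and encryption keys."""
    # Note the seed order: server random first for key expansion.
    block = prf(master, b"key expansion",
                server_random + client_random, 96)
    return {
        "client_mac": block[0:32], "server_mac": block[32:64],
        "client_key": block[64:80], "server_key": block[80:96],
    }


def finished_value(master, label, transcript):
    """12-byte check value each side sends once it switches to the keys."""
    digest = hashlib.sha256(transcript).digest()
    return prf(master, label, digest, 12)


def verify_finished(master, label, transcript, received):
    """Recompute the peer's value from our own view of the handshake."""
    expected = finished_value(master, label, transcript)
    return hmac.compare_digest(expected, received)


if __name__ == "__main__":
    # Browser and server run the same derivation independently.
    ms = master_secret(PREMASTER, CLIENT_RANDOM, SERVER_RANDOM)
    keys = session_keys(ms, CLIENT_RANDOM, SERVER_RANDOM)
    client_fin = finished_value(ms, b"client finished", TRANSCRIPT)
    print("master secret :", ms.hex())
    for name, value in keys.items():
        print(f"{name:14}:", value.hex())
    print("server accepts:",
          verify_finished(ms, b"client finished", TRANSCRIPT, client_fin))
    # A handshake message altered in transit changes the transcript hash.
    print("tampered      :",
          verify_finished(ms, b"client finished",
                          TRANSCRIPT + b"!", client_fin))
```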


SSL Certificate and Cyber Security.

Over the last 20 to 25 years the world has rapidly changed into a cyber world. Cyber technology has made everything faster and closer. Living miles apart, people can see and speak to each other as if sitting at the same coffee table. Cyber innovation has changed the growth of the world beyond imagination in the last 25 years. When the computer was invented it was a giant, and now people use it as a notebook. Technology is developing rapidly, with immeasurable growth.

The rapid growth of the cyber world required security and safety. People started talking online, shopping online, banking online, even getting married online. Let's talk about cyber security: many online shoppers, sellers and bankers were abused by hackers (a kind of thief). These thieves were a major problem for cyber innovation. People started feeling insecure and started avoiding online dealings. Innovation was growing and nobody wanted it to stop or go back to zero. Technology gurus found a key to securing online data, and this key is the SSL certificate.

What are hackers and hacking?

Hackers are thieves who try to gain unauthorized access to your computer via a network or program. Stealing data from a computer or network is called hacking. Like thieves, hackers do not knock on your door. They get unauthorized access and start stealing your personal data. You realize it only once you see the loss of data, money and everything.

Who invented SSL certificate?

SSL certificates are built on the SSL (Secure Socket Layer) protocol, developed by Netscape in 1994. Netscape used encryption and decryption technology to make data unreadable for hackers. Even if hackers steal encrypted data, they cannot read the correct data.

Later, SSL certificate standards were established and a few organizations were authorized to work as SSL certificate issuers. They are called SSL CAs (Certificate Authorities). A few of them are VeriSign, GeoTrust, Thawte, Equifax, Entrust, Global Sign, RapidSSL, Comodo. All these CAs are authorized to issue Web Trust certificates. SSL technology started supporting up to 256-bit encryption to secure online data.

As an online shopper, seller or banker, trust only websites with an SSL certificate. Real merchants always use an SSL certificate to secure customer credit card details and private information. Do not be taken in by good web design and words, as scammers always use such tricks. Trust only websites secured with an SSL certificate.

Effective SSL certificates solutions – energetic start to ClickSSL.com

ClickSSL is proud to announce the official launch of its interactive website ClickSSL.com, which will offer authentic SSL certificates to online businesses, making them safe and secure. Having partnered with GeoTrust, RapidSSL, Thawte & VeriSign, the SSL industry's leading brands in providing online SSL certificates, ClickSSL will contribute its industry expertise along with its offering of cheap SSL certificates for online e-commerce websites, web applications, and many more.

"During 2009 there is vigorous progress in hacking activities, there in line of combat, and the unnamed sections they bull's eye for accessible e-Business fraud. We at ClickSSL contribute equivalent bold cyberspace surety solutions," said the spokesperson from ClickSSL during their website launch.

ClickSSL is an authorized reseller of the VeriSign certificate authority. Through its website, ClickSSL will allow owners of online businesses to buy SSL certificates or renew SSL certificates in a cost-effective way. SSL certificates from ClickSSL bring credibility to your website, make your online transactions safe from hackers, and prevent unauthorized access.

Secure Sockets Layer (SSL) protects your website and makes it easier for your website visitors to trust you in three essential ways: an SSL certificate enables encryption of sensitive information during online transactions; an SSL certificate contains unique, documented information about the certificate owner; and, last but not least, the Certificate Authority verifies the identity of the certificate owner when it is issued.

ClickSSL is the right place for you to buy SSL certificates online. Whether it's simple SSL certification for basic online businesses or EV SSL certificates, Code Signing SSL certificates, Wildcard SSL certificates and so on, depending on your business, ClickSSL is your one-stop shop for all kinds of VeriSign SSL certificates.

For more information visit https://www.clickssl.com

Fraud Alert: Phishing and Potential Business Impact

As one of the top cyber crime ploys impacting both consumers and businesses, phishing has grown in volume and sophistication over the past several years. The down economy is providing a breeding ground for new, socially-engineered attempts to defraud unsuspecting business people and consumers. With honest money-earning avenues less available, the cyber crime ecosystem is ready with off-the-shelf phishing kits. It no longer takes a hacker to enable and commit fraud on the Internet — anyone with a motive can join in.

The potential impact on a business can be great — whether an employee or its customers have been phished, or the company Web site has been compromised. Organizations need to stay current on the latest methods employed by cyber criminals and proactively take steps to prevent this type of fraud.

How Phishing Could Impact Your Business?

While the financial industry continues to be a primary target for phishers, it’s certainly not the only sector vulnerable to attack. Auction sites, payment services, retail, and social networking sites are also frequent targets. The APWG also reports a massive increase in attacks aimed at cell phone providers and manufacturers. In short, no business or brand is inherently safe.
Phishing attacks that pose as a company’s official Web site diminish the company’s online brand and deter customers from using the actual Web site out of fear of becoming a fraud victim. In addition to the direct costs of fraud losses, businesses whose customers fall victim to a phishing scam also risk:
  • A drop in online revenues and/or usage due to decreased customer trust
  • Potential non-compliance fines if customer data is compromised
Even phishing scams aimed at other brands can impact a business. The resulting fear caused by phishing can cause consumers to stop transacting with anyone they can’t trust.

Protecting Your Business

While there is no silver bullet, there are technologies that can help protect you and your customers. Many of the current phishing techniques rely on driving customers to spoofed Web sites to capture personal information. Technology such as Secure Sockets Layer (SSL) and Extended Validation (EV) SSL are critical in fighting phishing and other forms of cyber crime by encrypting sensitive information and helping customers authenticate your site.

Security best practices call for implementing the highest levels of encryption and authentication possible to protect against cyber fraud and build customer trust in the brand. SSL, the world standard for Web security, is the technology used to encrypt and protect information transmitted over the Web with the ubiquitous HTTPS protocol. SSL protects data in motion which can be intercepted and tampered with if sent unencrypted. Support for SSL is built into all major operating systems, Web browsers, Internet applications and server hardware.

To help prevent phishing attacks from being successful and to build customer trust, companies also need a way to show customers that they are a legitimate business. Extended Validation (EV) SSL Certificates are the answer, offering the highest level of authentication available with an SSL Certificate and providing tangible proof to online users that the site is indeed a legitimate business.

EV SSL gives Web site visitors an easy and reliable way to establish trust online by triggering high security Web browsers to display a green address bar with the name of the organization that owns the SSL Certificate and the name of the Certificate Authority that issued it. Figure 2 shows the green address bar in Internet Explorer.

The green bar shows site visitors that the transaction is encrypted and the organization has been authenticated according to the most rigorous industry standard. Phishers can then no longer capitalize on visitors not noticing they are not on a true SSL session.
While cyber criminals are becoming adept at mimicking legitimate Web sites, without the company’s EV SSL Certificate there is no way they can display its name on the address bar because the information shown there is outside of their control. And they cannot obtain the legitimate company’s EV SSL Certificates because of the stringent authentication process.

Consumer and Employee Education:

In addition to implementing EV SSL technology, businesses should continue to educate their customers and employees on safe Internet practices and how to avoid cyber fraud. Teach them how to recognize the signs of a phishing attempt such as: misspellings (less common as phishers become more sophisticated), generic greetings instead of being personalized, urgent calls-to-action, account status threats, requests for personal information, and fake domain names/links.

Also educate your customers and employees on how to recognize a valid, secure Web site before they provide any personal or sensitive information by:
  • Looking for the green bar
  • Making sure the URL is HTTPS
  • Clicking on the padlock to match the certificate information with the Web site they intended to go to
Education is a key component of building the trust necessary to overcome phishing fears. By helping your customers understand how to confirm they are safe on your Web site, you can grow revenues, differentiate your offering, and/or benefit from operational savings by moving more transactions online.

Phishing will continue to evolve into new forms, while attempting to take advantage of human behaviors such as compassion, trust, or curiosity. Protecting your brand and your business from phishing requires constant diligence, but pays rewards beyond reduced fraud losses.

By educating and protecting your customers with the highest levels of protection provided by EV SSL Certificates, your business can ensure customers have greater confidence in your online services. By demonstrating leadership in online security, you can broaden your market appeal and in doing so, generate new revenue streams.

For more information visit: ClickSSL.com

A Smart Way to Secure Your Network From Hackers & Viruses.

In the last two decades the world has become the “Cyber World”. Technology helps people connect with many others around the world and expand their horizons of knowledge. It also helps them grow their business worldwide. Before this era, people were not so aware of technology. But today they use it in each and every phase of life, whether for communication or for business.

Like every coin has two sides, the rise of cyber technology has also motivated cyber hacking. Cyber crime has also increased in the last decade. Hackers can steal secret data from a victim’s computer or network and misuse it. Because of this kind of problem, people feel insecure and avoid going online with data that needs to be secure.

To overcome these problems, the SSL certificate was invented. SSL certificates are built on the SSL (Secure Socket Layer) protocol, developed by Netscape in 1994. Netscape used encryption and decryption technology to make data unreadable to hackers. Even if a hacker steals encrypted data, he cannot read the original data.

Later, SSL certificate standards were established and a few organizations were authorized to work as SSL certificate issuers, such as VeriSign, GeoTrust, Thawte, Equifax, Entrust, Global Sign, RapidSSL, Comodo, and ClickSSL. All these Certificate Authorities are authorized to issue Web Trust certificates. SSL technology went on to support up to 256-bit encryption to secure online data.

The SSL protocol is used by millions of e-Business providers to protect their customers ensuring their online transactions remain confidential. In order to be able to use the SSL protocol, a web server requires the use of an SSL certificate.

Sites use SSL encryption to cover any area that involves an exchange of data, including login boxes, credit card payments, or any personal information. All web browsers have the ability to interact with SSL secured sites so long as the site’s SSL certificate is from a recognized Certificate Authority, such as VeriSign.

Here is good news for domain sellers, hosting providers and affiliates: ClickSSL has started offering a free SSL reseller program. ClickSSL already offers up to 80% discount on regular pricing to end customers. Now guess what the reseller pricing will be. You will have an unbelievable discount on reseller pricing.

As an online shopper, seller or banker, trust only websites with an SSL certificate. Real merchants always use an SSL certificate to secure customer credit card details and private information. Do not be fooled by good web designs and words, as scammers always use such tricks. Trust only websites secured with an SSL certificate.


Extended Validation Certificate

What is an Extended Validation Certificate?

Extended Validation (EV) certificates are a special type of X.509 certificate that requires more extensive investigation of the requesting entity by the certificate authority (CA) before being issued. In plain terms, Extended Validation is a new generation of certificate intended to give users more confidence in a website where they are using or providing personal or financial information. It also assures end users of your legal identity, which is verified by the certificate authority.

How does an Extended Validation Certificate work?


High-security browsers, such as the latest versions of Internet Explorer and Firefox, check in the background whether an SSL certificate has been authenticated using Extended Validation. Along with https in the web address and the padlock, the browser turns the address bar GREEN. You can also see the legal identity name to which the Extended Validation Certificate has been issued.


Why do online businesses require an EV Certificate?

Do you own a website where users provide sensitive financial or personal information? If yes, you must use an Extended Validation Certificate. It helps your users have confidence in your website. They know you are who you claim to be, and not a phishing site made to look identical to your website. They know about your organization and can validate your information. Please check my previous blog for phishing

What documents are required to get an Extended Validation Certificate?

As per CA/Browser, the Certificate Authority may also require more documents if it is not satisfied with the documents provided to it. The following information/documents are required for an Extended Validation Certificate:

Applicant information SHALL include, but not be limited to, the following information:

  • Organization Name: The Applicant’s formal legal organization name to be included in the EV Certificate, as recorded with the Incorporating or Registration Agency in the Applicant’s Jurisdiction of Incorporation or Registration (for Private Organizations), or as specified in the law of the political subdivision in which the Government Entity operates (for Government Entities), or as registered with the government business Registration Agency (for Business Entities);
  • Assumed Name (Optional): The Applicant’s assumed name (e.g., DBA name) to be included in the EV Certificate, as recorded in the jurisdiction of the Applicant’s Place of Business, if requested by the Applicant;
  • Domain Name: The Applicant’s Domain Name(s) to be included in the EV Certificate;
  • Jurisdiction of Incorporation or Registration: The Applicant’s Jurisdiction of Incorporation or Registration to be included in the EV Certificate, and consisting of:
    • City or town (if any)
    • State or province (if any), and
    • Country.
  • Incorporating or Registration Agency: The name of the Applicant’s Incorporating or Registration Agency;
  • Registration Number: The Registration Number assigned to the Applicant by the Incorporating or Registration Agency in the Applicant’s Jurisdiction of Incorporation or Registration and to be included in the EV SSL Certificate. If the Incorporating or Registration Agency does not issue Registration Numbers, then the date of Incorporation or Registration SHALL be collected;
  • Applicant Address: The address of the Applicant’s Place of Business, including-
    • Building number and street,
    • City or town,
    • State or province (if any),
    • Country,
    • Postal code, and
    • Main telephone number.

VeriSign Seal Sets Staggering New Record with More than Half a Billion Views in a Single Day

Symantec Corp. announced that its VeriSign seal is seen more than a half billion times in a single day by Internet users. Additionally, another milestone was recently surpassed with more than 100,000 websites now displaying the VeriSign seal— more than six times that of the second most popular security mark.

Chosen for display by more than 100,000 authorized sites, the VeriSign seal is far and away the No. 1 trust mark on the Internet. The new high water mark for the VeriSign seal views was led by organic growth coupled with the growing impact of VeriSign Seal-in-Search, in which the VeriSign seal appears next to search results for VeriSign Trust Services customers indicating to consumers that the sites are free of malware and use VeriSign SSL Certificates.


“More Internet businesses than ever before now display the VeriSign seal, which shows that the Internet’s most recognized trust mark is broadening its reach,” said Fran Rosch, vice president of Trust Services at Symantec. “These dramatic gains in VeriSign seal views reveal the persistent advantage VeriSign customers can have over competitors. With features like VeriSign Seal-in-Search, businesses begin building trust even before consumers visit their sites. More than 100,000 online businesses recognize how valuable that is.”

Businesses can display the VeriSign seal by deploying VeriSign SSL or Extended Validation (EV) SSL Certificates, which provide full business authentication and up to 256-bit encryption of online transactions and communications. For sites that don’t require SSL encryption but need to reassure visitors that they have reached a trustworthy site, a standalone version of the VeriSign Trust Seal is also available.

All VeriSign seals further build confidence among site visitors by communicating that the identity of the site’s operators has been authenticated by Symantec and that the site is scanned daily for malware. VeriSign seal customers also benefit from VeriSign Seal-in-Search, a service the company launched in early 2010. Through VeriSign Seal-in-Search, participating search engines, partners and security tools display the VeriSign Trust Seal next to a website’s link within search results. VeriSign Seal-in-Search gives VeriSign customers an instant competitive advantage over sites whose search results lack a trust indicator.

Original Source: Symantec

How can the VeriSign Seal work best for you?

Purchasing your VeriSign SSL Certificates means that you have the right to display the world’s most recognized Internet trust mark. When visitors to your web site see the VeriSign seal, they feel more confident to complete their online business and you will notice a marked reduction in abandonment rates and increase in online transactions.

HERE ARE A FEW TIPS ON WHERE TO PLACE THE VERISIGN SEAL ON YOUR SITE FOR MAXIMUM IMPACT.

Don’t make the customer expend any effort or time searching for peace of mind.

If a new customer comes to your web site seeking reassurance that the site is trustworthy and secure, one of the FIRST things they want to see on the homepage is the VeriSign seal. For this reason we recommend that you keep it high on the home page of your web site (definitely above the “fold” line so that they don’t have to scroll down to look for it).


Let the customer see it when they need it the most.

Customers need the most reassurance at the point where they are about to share private information—e.g., on the page where they have to enter their log-in credentials or share credit card information. For this reason, we recommend that the VeriSign seal be displayed on all pages where this type of data is requested. The VeriSign seal should be displayed in close proximity to the area requesting information.

Don’t let the display of the VeriSign seal seem like an after-thought.

Your brand is important to your customers, and for this reason, you have associated it with the best-of-breed Internet security brand. Let this be evident when displaying the VeriSign seal. Avoid placing the seal within the footer of the page where it might not be seen, or where the visitor needs to search for it. Make it one of the most visible aspects of your web site and place it where it can be easily seen.

Get your customer’s attention early in their purchase process.

Given all of the noise experienced on the Internet, you need to get to customers as early as possible in their purchase cycle. By displaying a trust mark next to a link in search results, your web site is naturally differentiated. Customers are drawn to links that display a trust mark while they’re in the process of doing searches and comparison shopping.

The VeriSign Seal-in-Search feature displays the VeriSign seal within search engine results for web sites using VeriSign SSL Certificates. The VeriSign seal is displayed next to the link of the trusted site. Seal-in-Search™ helps to increase link visibility and improve consumer confidence, which could lead to higher click rates and improved traffic to trusted web sites. You can confirm that Seal-in-Search is activated for your site with a visit to your VeriSign Trust Center account.

Make sure you display a valid VeriSign seal.

It is very important that you only display the VeriSign seal on a web site that is secured with a valid VeriSign SSL Certificate.

Majority of World's Top Websites Choose GeoTrust SSL Certificates for Cost Effective Site Encryption

GeoTrust Maintains Leadership Position Since June 2010 and Consistently Outranks Go Daddy and All Other Competitors

As the busy online holiday shopping season approaches, more of the most-visited websites on the Internet will be secured by GeoTrust, Inc., a leading certificate authority, than any other Secure Sockets Layer (SSL) provider. Such is the conclusion of the November 2010 Alexa Netcraft Index, a monthly measurement of SSL Certificates used on the busiest domains worldwide.

Since the inception of the research standard six months ago, GeoTrust has led the low-cost, high-volume segment of the SSL market over competitors such as Go Daddy. The November 2010 Alexa Netcraft Index showed that GeoTrust secured 35,311 unique domains among the 1 million most visited sites whose SSL usage is tracked by Netcraft. The premium category VeriSign brand followed in second, protecting 30,115 unique domains, with low-cost provider Go Daddy trailing with 27,171.

“While all signs point to a busier holiday shopping season in 2010, it’s still a tough time out there for online businesses,” said Jeff Barto, senior product marketing manager for GeoTrust. “More businesses prefer GeoTrust because our globally-trusted SSL certificates offer easy acquisition and fast delivery at cost-effective prices. We expect to extend our leadership on the strength of our aggressive pricing and the recently announced Switch Campaign, which gives growing small businesses a winning option for world-class SSL protection from security experts.”

Prepared by Catapult Data Services, the Alexa Netcraft Index obtains an accurate picture of SSL certificate usage across the websites that matter most by cross-referencing the Netcraft SSL Survey with the Alexa 1 Million list. The Netcraft SSL survey tallies all publicly facing SSL certificates on the internet, including "parked" certificates on unused or infrequently visited websites. The Alexa 1 Million is a well-known site traffic measurement service that ranks the 1 million most visited sites in order of popularity.

With SSL certificates issued in more than 150 countries around the world, GeoTrust offers world-class SSL certificates with fast delivery at a cost-effective price. Enabling up to 256-bit SSL encryption, they include a range of GeoTrust® True Site seals based on the desired level of identity verification.

About GeoTrust

A wholly owned subsidiary of Symantec, Corp. (NASDAQ: SYMC), GeoTrust is the world's largest low-cost digital certificate provider. More than 100,000 customers in over 150 countries trust GeoTrust to secure online transactions and conduct business over the Internet. GeoTrust’s range of digital certificate and trust products enable organizations of all sizes to maximize the security of their digital transactions cost-effectively.

About Symantec

Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored.

Original Source: Symantec

Cheap SSL Certificates and Online Security

Online security is a concern for most websites, since the information available there is accessible to hackers unless encrypted. The digital certificates that provide such security on the internet are known as SSL (Secure Sockets Layer) certificates. Procuring such a digital certificate is a must for websites which deal with sensitive information such as internet banking passwords, credit card or debit card numbers, social security numbers, confidential business transactions, online financial transactions etc.

Initially developed by Netscape for transferring private documents over the internet, the SSL protocol works via a private key that encrypts the data that has to be transferred. This protocol is supported by all the available web browsers, and the URLs that require an SSL connection start with https: rather than http:.

An SSL certificate is made available to a website once its identity is authenticated by the SSL service provider. Once the website is authenticated, the SSL certificate encrypts the data entered there as it is sent to the server. If there is no SSL certificate available on the website, the customer will get a warning regarding the misuse of their data while submitting their personal information.

There are different types of SSL certificates available in the market and one can find an SSL certificate that suits their requirements. The price of an SSL certificate generally depends on its size, whether it is 40, 56, 128, 256 bits or higher, and the amenities it provides. Cheap SSL Certificates are available in the market; however, before purchasing them, look at the type of security they are going to provide. These days many companies attract customers with free SSL certificates, but with such certificates come other services that one is required to buy.

Free or cheap SSL certificates are available quickly and electronically, while the premium ones are available once the company information or individual ID, supported by a letter from an attorney or accountant, is submitted to the service provider. However, give some thought to your business needs before opting for an SSL certificate purchase. Generally a standard SSL certificate has a 128-bit size; cheaper ones at 90, 56 and 40 bits are also offered. One can find the appropriate SSL certificate for their business needs with the help of service providers.

Another option, shared SSL, is also doing the rounds these days as an alternative to dedicated SSL certificates. A shared SSL certificate is available at a lower price and is generally outsourced to you by someone who has already purchased that certificate and shares it with you at a nominal price. The major disadvantage of shared SSL is that the names of the users who share the certificate do not appear on the certificate, and if the buyer with whom it is shared drops out, one is left high and dry with an insecure website.

The other option for Cheap SSL Certificates is procuring discount coupons and other web promotional offers. Coupons such as GoDaddy coupons are available online that provide discounts on SSL certificate purchase. However, while choosing any of the above options of procuring an SSL certificate at a lower price, make sure that the security of your website is not compromised in the longer run.


The differences between SSL certificate types

So you need a certificate so you can offer SSL encryption. But which one should you get? There are so many choices out there!
Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Authorities (CAs). Note that vendors may use slightly different names based on their marketing.
  • Standard SSL
Your "no-frills" cert - valid for one name. This is fine for most folks - it gets you the gold lock in the browser, gives you SSL encryption, and validates your server's identity.
  • EV (Extended Validation) SSL
This is similar to a Standard SSL cert, except the validation process is a little bit more involved, allowing the CA to assert more confidence in your identity. The main benefit is that EV certs will turn the address bar green in most modern browsers (IE7+, FF3, etc.). The overall encryption is just the same as standard - it just makes it easier for the customer to be more confident in your identity to help prevent phishing.
  • UCC (Unified Communications Certificate) - multi-domain SSL or SAN SSL (Subject Alternative Name)
This is a Standard SSL cert (unless specified to be EV SSL) that allows for multiple names in the same cert. This is popular for Exchange certs, but can be used for any environment. For example, you can have www.domain1.com and www2.domain2.net and server1 all be valid in the same cert. Some vendors may not allow internal names or private IP addresses (e.g. 10.x.x.x or 192.168.x.x); however, some do.
  • Wildcard SSL
This is valid for *.domain.com. Note that this cuts off at the child level so it would not be valid for *.sub.domain.com - you would need a different wildcard for that. Again, these are normally Standard SSL certs unless specified as EV.
  • SGC (Server Gated Cryptography) SSL
This is a "step-up" cert so that you can increase the SSL encryption strength for clients that don't support your server's level of encryption. At the beginning of the decade this was used for servers that supported 128 bit but clients were stuck at lower levels like 56 bit. Now, it is coming back as some newer web servers are supporting 256 bit encryption - if the client also supports 256 then they will use that with a normal SSL cert, but if the client does not then it will step up the client for that connection to use 256 bit instead of 128. If neither end supports 256 bit, then it doesn't do any good.
  • 2048 bit certs
This is just a normal cert of any of the above types. This just means that you can use a 2048 bit key strength for your private key because their CA is at 2048 bit or higher. Most vendors are 2048 bit now, although there are still a small number that only offer 1024 bit certs. 1024 bit is still okay, but should be migrated away from within the next year or two.
  • Suggested vendor:
There are a lot of different certificate vendors; here's my personal recommendation for where to buy Cheap SSL Certificates.

Importance of SSL Certificate for Website

The very padlock icon coupled with “https” prefix from your Attend to tag using browser first of all submitting sensitive information online. But if the business page does not have to offer an SSL Certificate, guests are able to during the day. Prior to making a purchase, seeking a forex account nicely becoming a member of a newsletter.

An SSL Certificate is a digital certificate which authenticates the identity of a website and encrypts data sent to the server using Secure Sockets Layer (SSL) technology. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.

An SSL Certificate serves as an electronic “passport” which establishes an online entity’s credentials when doing business on the web. When an internet user tries to send confidential information to a web server, the user’s browser accesses the server’s digital certificate and establishes a secure connection.

An SSL certificate contains the following information:
  • The certificate owner’s name
  • The certificate’s serial number and expiration date
  • A copy of the certificate holder’s public key
  • The digital signature of the certificate-issuing authority
How do SSL Certificates work?

SSL Certificates provide safe, easy, and convenient internet shopping. Once an internet user enters a secure area, by entering credit card information, email address, or other personal data, for example, the shopping site’s SSL certificate enables the web browser and web server to build a secure, encrypted connection. The SSL “handshake” process, which establishes the secure session, takes place discreetly behind the scenes without interrupting the consumer’s shopping experience. A “padlock” icon in the browser’s status bar and the “https” prefix in the URL are the only visible indications of a secure session in progress.

Types of SSL Certificates:

Wildcard SSL Certificates: guarantee present servers in the company of a single SSL Cert! (certification likewise masks want first-level sub-domains) They deliver which does not 256 Bit Encryption, balanced pages Seal, & web PKI in order to really manipulate Two SSL Certs.

Multiple Domain Certificates, also known as Unified Communications Certificates (UCC SSL): these secure multiple domain names with a single certificate.

Secure up to one hundred domain names on one certificate.

Save money, since the price of one Multiple Domain Certificate, with its additional domain names, is much less than separate certificates for every individual domain name.

Suitable for Microsoft Exchange Server 2007 and Microsoft Communications Server.

Simplifies the process of managing multiple certificates with different expiration dates.

Writer’s single, posts domain and as well, subs domain certificates. The entire build like rock-solid, 256-bit encryption technology, exhibiting of how your web property should be a secure and protected spot for readers In order to really carry out business.

SSL certificate won’t insure more secure transfer for imperative information and facts inside enhance the creditability specifically online store.

If you’re looking to order an SSL Certificate visit www.clickssl.com

UCC SSL Offers Several Benefits.

Purchasing certification for multiple domains can be an expensive proposition. It can easily eat into your profits. An alternative, known as UCC SSL, is available. Also known as a unified communications certificate, this certificate gives you and your customers that important protection for up to 25 domains for one price.

Trying to manage multiple domains can be a challenge for even the most experienced web site entrepreneur. However one aspect of site management that cannot be overlooked is represented by security certifications that ensure online clients their transactions are being conducted securely. Purchasing separate certification for each of your domains can be quite costly. However, there is a better solution available: UCC SSL.

Unified Communications Certificate (UCC) is a type of security certificate that covers multiple domains simultaneously. A single UCC SSL can be used for up to 25 different domains, including the multiple host names that might be found within a single domain.
Because you can combine so many domains under a single unified communications certificate, you’ll save money and won’t have to purchase individual certificates for every one of your domains. Given the cost of this certification, those charges could add up very quickly especially if you are operating a large number of domains.

Another benefit is convenience. You won’t have to worry about managing all of those different certificates when you only have one UCC SSL to be concerned about. Imagine just trying to keep track of the expiration dates for dozens of certificates for your multiple domains. If you’re wrong about just one date, you could end up losing valuable business and that’s not something most web sites can afford to risk. Because the Unified Communications Certificate has only one expiration date to remember for all of those domains, you’ll be less likely to make this type of error.

An additional benefit is that once you’ve purchased a UCC SSL for your existing domains, you’ll easily be able to add new ones to the coverage as you see fit. Before, you would have to worry about investing in an additional certificate before you were able to launch an additional domain. Once you’ve purchased the unified communications certificate, however, that is no longer going to be a problem.

One possible drawback is the UCC SSL will link all of your domains together under the primary domain. That means if you’re operating a couple of sites you don’t want visitors to know are connected then you may want to consider an alternative. However, most of your traffic isn’t going to recognize this issue and won’t be concerned if they do. It is just something you should be aware of when weighing the pros and cons of choosing a unified communications certificate.

Whether or not a unified communications certificate is right for you will depend on the number of domains you currently operate and how much you want to spend on providing customers with security. By saving money on a UCC SSL, you may be able to give yourself a competitive advantage over the competition with lower prices or you could just keep a larger portion of the profits for yourself. Either way, this approach to getting a certificate might be worth considering.

streetdirectory

Binding Multiple Domains to a Wildcard SSL on a Single IP in IIS 7.5

When Microsoft released IIS 7.5, it added functionality that lets you bind wildcard SSL certificates to multiple websites on a single IP, which really helps with IP address depletion when hosting multiple SSL sites on multiple sub domains. There is one catch you need to watch out for, and that is the GUI itself.

Say what now? Single IP SSL you say?

The way IIS binds multiple website hostnames to a single SSL certificate on a single IP is similar to the way it does for non-SSL. It uses HTTP 1.1 style hostname checking. “How?” you say. It maps a single IP to an SSL certificate, then once the incoming request has been decrypted, it hands off the request to the associated site. Pretty cool if you ask me.

So if you have a wildcard SSL for the domain

*.mywebsite.com

And you want to host multiple sites:

https://www.mywebsite.com
https://shop.mywebsite.com
http://mysecret.mywebsite.com

You only need a single IP address! Usually you would need 3!
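The name-matching rules behind this setup, and behind the wildcard and UCC/SAN descriptions in the certificate-types overview earlier, sketched in Python as an added example (not code from the original post or from IIS). The function names and the hostnames marked as constructed are assumptions for illustration, and the check is a simplified form of the matching browsers perform.

```python
"""Which hostnames does a certificate's name list cover?

Simplified browser-style matching:
  * names compare case-insensitively, label by label
  * "*" counts only as the whole left-most label
  * "*" stands for exactly one label, so *.domain.com covers
    www.domain.com but not a.sub.domain.com or domain.com itself
"""


def _labels(name):
    """Split a DNS name into lower-case labels, ignoring a trailing dot."""
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, hostname):
    """Return True if one certificate name (pattern) covers hostname."""
    if "*" in hostname:
        return False                      # a requested host is never a pattern
    p, h = _labels(pattern), _labels(hostname)
    if len(p) != len(h) or "" in p or "" in h:
        return False                      # a wildcard never spans extra labels
    if p[0] == "*":
        # Assumption: require two fixed labels after "*", so "*.com" is refused.
        return len(p) >= 3 and "*" not in "".join(p[1:]) and p[1:] == h[1:]
    if "*" in pattern:
        return False                      # partial or inner wildcards rejected
    return p == h


def covering_name(cert_names, hostname):
    """Return the first certificate name that covers hostname, else None."""
    for pattern in cert_names:
        if name_matches(pattern, hostname):
            return pattern
    return None


def shared_binding_report(cert_names, site_hosts):
    """Map each site host name to the certificate name covering it (or None).

    Hosts mapped to None would trigger a name-mismatch warning in the browser
    if served from the IP:443 binding that presents this certificate.
    """
    return {host: covering_name(cert_names, host) for host in site_hosts}


# Names taken from the page.
WILDCARD_CERT = ["*.mywebsite.com"]
UCC_CERT = ["www.domain1.com", "www2.domain2.net", "server1"]
PAGE_SITES = ["www.mywebsite.com", "shop.mywebsite.com", "mysecret.mywebsite.com"]
# Constructed counter-examples (not from the page).
EXTRA_SITES = ["pay.shop.mywebsite.com", "mywebsite.com"]

if __name__ == "__main__":
    report = shared_binding_report(WILDCARD_CERT, PAGE_SITES + EXTRA_SITES)
    for host, name in report.items():
        print(f"{host:28} {'covered by ' + name if name else 'NOT covered'}")
    for host in ["www.domain1.com", "server1", "mail.domain1.com"]:
        print(f"{host:28} UCC: {covering_name(UCC_CERT, host)}")
```

Running the report before adding a site to the shared binding shows which host names would need their own certificate or a second wildcard.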

The Slight Problem

The commands to do this work fine, as long as you stick to using the faithful appcmd command line IIS application, but if you take the usual n00b approach of using the GUI to setup your IIS websites or happen to edit the SSL bindings for any of the sites that have been setup, you will break all the other sites that have been bound to your wildcard SSL certificate.
Take this onboard and remember it:



Get on with the show already!

In order to make this happen you need to follow this precisely:

1. Bind the server to the IP address you want to run your sites on
2. Import the SSL certificate into IIS, and make sure you check the box marked to make the SSL certificate exportable (this is a must, as there is a bug in IIS 7.5)
3. Create the website you want to use a wildcard on a single IP for and give it a normal HTTP binding
4. Open an elevated command prompt window and move to C:\Windows\System32\inetsrv
5. Type the following and fill in the blanks minus the curly brackets



6. Enjoy having more than one SSL website on a single IP!

Find low cost SSL Certificate at ClickSSL

How to install SSL certificate on Apache Cpanel server

After installing the SSL certificate successfully on your web server, if you are getting an error like "unknown certificate issuer" while accessing the URL "https://www.yourdomain.com/", this blog post might resolve your problem, read on!

SSL protocol (https://) is a must for any E-Commerce website if you intend to accept payments on your own website. The first step to install an SSL certificate on your server is to generate a private key. This key (KEY) will allow you to generate a certificate signing request (CSR), which you can then take to the certificate selling authority to get the certificate (CRT).

How to install SSL certificate on your CPanel based web server?

Log into your CPanel and go to SSL/TLS Manager. The SSL/TLS Manager will allow you to generate SSL Certificate, signing requests, and keys. These are all parts of using SSL to secure your website.

Click on the “Generate, view, upload, or delete your private keys” link

Creating a Private Key (KEY)

The first step in installing an SSL certificate is to create a private key file to be used with your SSL certificate. Please note that this private key file must be used with the specific SSL certificate that it is for. This private key is secret and should not be given out. Please note that there is no way to recover a private key file if it is lost.

Go to the ‘Generate a New Key’ area and select the domain from the drop-down. Make sure you add www in front of the domain name in the “Host” text field if you want the certificate to work on www.domain.com. Select "Key Size=2048" from the drop-down; otherwise the certificate seller might send you back to get a new key. Press ‘Generate’ and it will create and save the key for you. This key is now stored on the server, to be used later for the CSR and for installing the certificate.

Now ‘Return to SSL Manager’ and go to the next step of generating CSR.

Click on the ‘Generate, view, or delete SSL certificate signing requests’ link.

Creating a SSL Certificate Signing Request

If you are obtaining a certificate from a trusted SSL provider, you must complete the signing request form to provide the information needed to generate your SSL certificate.

In the drop-down select box you will see the domain name for which you created the key in the first step. Complete the other fields and hit “Generate”. If everything goes right, you will see the ‘Certificate Signing Request generated!’ message. Now copy everything from -----BEGIN CERTIFICATE REQUEST----- through -----END CERTIFICATE REQUEST-----.

Now use this CSR to buy your SSL certificate. Your CSR has also been saved on the server.

Click on the "Return to SSL Manager"

Once you get your SSL certificate, you can install it on your server. In my case, I got a “Thawte SSL” certificate. In the SSL Manager of your CPanel, click on “Generate, view, upload, or delete SSL certificates”.

Thawte provided two certificates. Add the first one in the Certificate (CRT) box and upload it.

Then go to the "Setup a SSL certificate to work with your site."

Installing Certificates on server

Paste the certificate in the text area or choose a .crt file and hit ‘upload’. Here is the trickiest part: Thawte had provided two certificates, and you have to add the first one here. Both provided certificates carry the same labels, -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

After uploading your certificate successfully, ‘Return to SSL Manager’.

This is the last step for SSL installation.

Activating SSL on Your Web Site (HTTPS)

Click on the "Setup a SSL certificate to work with your site." link. Select the domain for which you are setting up the SSL certificate from the drop-down select box. As soon as you select a domain name, it will fetch its stored key and certificate (.crt) from the server and populate the following boxes automatically. If it does not, try to hit the ‘Fetch’ button and hopefully it will get the required information. If it still fails, go back and check your steps 1 and 2.

If your Certificate (CRT) and Key (KEY) boxes are filled with information, all you have to do is add the second certificate in the "Ca Bundle (CABUNDLE)" text area. The box says ‘Paste the ca bundle here (optional):’, but Thawte did not mention that it was a CA bundle or where it should be added; they just called it a certificate.

Although it says "Paste the ca bundle here (optional):", it definitely is not optional! Failing to add this second certificate (CA Bundle) will give you the "unknown certificate issuer" error.
Add the CA Bundle and press "Install SSL Certificate". That’s it. Now open https://www.yourdomain.com/ and hopefully you will see a padlock in your status bar/address bar.

Credit: parorrey
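The "unknown certificate issuer" failure from the cPanel walkthrough above can be reproduced and checked offline. The following is an added example, not part of the original post: it assumes the `openssl` command-line tool is on the PATH with its default configuration, builds a throwaway root, intermediate and leaf (all constructed names), and verifies the leaf with and without the intermediate, which plays the role of the CA bundle.

```python
import os
import subprocess
import tempfile


def openssl(workdir, *args):
    """Run the openssl CLI (assumed to be on PATH) inside workdir."""
    cmd = ["openssl", *args]
    return subprocess.run(cmd, cwd=workdir, capture_output=True, text=True)


def issue(workdir, name, subject, signer=None, is_ca=False):
    """Create <name>.key and <name>.crt; self-signed root when signer is None."""
    key = ["-newkey", "rsa:2048", "-nodes", "-keyout", name + ".key", "-subj", subject]
    if signer is None:  # root: the default openssl.cnf marks it CA:TRUE
        openssl(workdir, "req", "-x509", *key, "-days", "2",
                "-out", name + ".crt").check_returncode()
        return
    openssl(workdir, "req", "-new", *key, "-out", name + ".csr").check_returncode()
    sign = ["x509", "-req", "-in", name + ".csr", "-CA", signer + ".crt",
            "-CAkey", signer + ".key", "-CAcreateserial", "-days", "2",
            "-out", name + ".crt"]
    if is_ca:  # an intermediate must carry basicConstraints CA:TRUE
        with open(os.path.join(workdir, "ca.ext"), "w") as fh:
            fh.write("basicConstraints=critical,CA:TRUE\n")
        sign += ["-extfile", "ca.ext"]
    openssl(workdir, *sign).check_returncode()


def chain_verifies(workdir, leaf, bundle=None):
    """True if leaf chains to root.crt, optionally helped by a CA bundle file."""
    args = ["verify", "-CAfile", "root.crt"]
    if bundle:  # -untrusted = extra certificates the server would send
        args += ["-untrusted", bundle]
    return openssl(workdir, *args, leaf).returncode == 0


def demo():
    """Return (verifies without the bundle, verifies with the bundle)."""
    with tempfile.TemporaryDirectory() as d:
        issue(d, "root", "/CN=Constructed Root CA")
        issue(d, "intermediate", "/CN=Constructed Intermediate CA", "root", True)
        issue(d, "leaf", "/CN=www.yourdomain.com", signer="intermediate")
        without = chain_verifies(d, "leaf.crt")
        return without, chain_verifies(d, "leaf.crt", "intermediate.crt")


if __name__ == "__main__":
    print(demo())
```

The same `openssl verify -CAfile ... -untrusted ...` call works on real files: pass the issuer's root as `-CAfile`, the second certificate from the issuer as `-untrusted`, and your site certificate last.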

Windows Live ID adopts Extended Validation (EV) SSL Certificates.

Windows Live ID is very committed to the safety of its users. To further protect the users against phishing, Windows Live ID has adopted Extended Validation (EV) SSL Certificates.

EV SSL certificates require a company to undergo an extensive vetting process and provide users additional assurance about the identity and authenticity of web sites they visit. Thus when a user visits Live ID in IE7, the address bar will turn green and the identity of the company that owns the website – in this instance ‘Microsoft Corporation [US]’ – is displayed. You can get more information on EV certificates here.

Users of sites (such as Hotmail, Spaces, and Microsoft partner sites) that use Live ID authentication can now enjoy the additional protection and verified identity provided by EV SSL. Remember that in order to enjoy the additional assurance provided by EV SSL, users will have to use a newer browser that supports EV SSL, such as Internet Explorer 7. Windows Live ID is the first large scale authentication service to adopt EV certificates; our over 380 million users can now enjoy the additional protection offered by EV over 1.2 billion times a day when they login.

Mozilla Firefox and Google Chrome Updated for Security Flaws

It's a big week for browser updates, as both Mozilla and Google are updating their respective Web browsers for multiple security flaws.

The Mozilla Firefox 3.6.11 update addresses at least nine security flaws, five of which are rated as being critical by Mozilla. Among the critical flaws are memory safety hazard issues, as well as a memory corruption issue that could potentially enable an attacker to run arbitrary code.
Additionally there is a critical fix for a use-after-free memory error, which could enable attackers to make unauthorized use of allocated memory.

"Security researcher Sergey Glazunov reported that it was possible to access the 'locationbar' property of a window object after it had been closed," Mozilla's security advisory states. "Since the closed window's memory could have been subsequently reused by the system, it was possible that an attempt to access the 'locationbar' property could result in the execution of attacker-controlled memory."


Mozilla also credits HP TippingPoint's Zero Day Initiative with the discovery of a JavaScript dangling pointer vulnerability, which could also lead to an attacker taking control of user memory.

"When 'window.__lookupGetter' is called with no arguments, the code assumes the top JavaScript stack value is a property name," Mozilla's advisory states. "Since there were no arguments passed into the function, the top value could represent uninitialized memory or a pointer to a previously freed JavaScript object. Under such circumstances the value is passed to another subroutine, which calls through the dangling pointer, potentially executing attacker-controlled memory."

Firefox 3.6.11 also provides fixes for a number of interesting vulnerabilities, including one related to how Firefox handles the nearly extinct Gopher server system. The Gopher vulnerability could have led to a Cross Site Scripting (XSS) attack.

There is also a fix for an SSL wildcard flaw that Mozilla notes is unlikely to ever occur, since a certificate authority isn't likely to grant the wildcard certificate.

"Security researcher Richard Moore reported that when an SSL certificate was created with a common name containing a wildcard, followed by a partial IP address, a valid SSL connection could be established with a server whose IP address matched the wildcard range by browsing directly to the IP address," Mozilla stated in its advisory.

The issue of SSL wildcards was first raised at the Black Hat 2009 security conference. Famed security researcher Dan Kaminsky reported that the major browser vendors all had SSL wildcard flaws that could potentially be exploited. Mozilla patched the specific flaws highlighted by Kaminsky in August of 2009 with the Firefox 3.5.2 release.
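The wildcard flaw quoted above comes down to hostname matching that never checks whether the name being matched is an IP address. The following is an added example, not Mozilla's code or its fix: `naive_match`, `hardened_match` and the sample names are constructed for illustration, and the block contrasts matching that applies `*` to any dotted string with matching that restricts wildcards to the leftmost label of a DNS name.

```python
import ipaddress
import re


def naive_match(pattern, host):
    """Flawed matching: '*' stands for any one label, host type never checked."""
    regex = "[^.]+".join(re.escape(part) for part in pattern.lower().split("*"))
    return re.fullmatch(regex, host.lower()) is not None


def is_ip_literal(host):
    """True when host parses as an IPv4 or IPv6 address rather than a DNS name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def hardened_match(pattern, host):
    """Wildcards apply to DNS names only, and only as the whole leftmost label."""
    pattern, host = pattern.lower(), host.lower()
    if is_ip_literal(host):
        # An IP literal never matches a wildcard pattern, only an identical name.
        return "*" not in pattern and pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if "*" not in pattern:
        return p_labels == h_labels
    if p_labels[0] != "*" or "*" in "".join(p_labels[1:]):
        return False  # partial-label or non-leftmost wildcard
    if len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False  # refuse '*.com'; the wildcard covers exactly one label
    return p_labels[1:] == h_labels[1:]


# Constructed sample names; 192.0.2.0/24 is a documentation address range.
CASES = [
    ("*.0.2.10", "192.0.2.10"),                  # wildcard + partial IP (the flaw)
    ("*.yourdomain.com", "www.yourdomain.com"),  # ordinary wildcard certificate
    ("*.yourdomain.com", "a.b.yourdomain.com"),  # wildcard must not span two labels
    ("*.com", "yourdomain.com"),                 # overly broad wildcard
]


def compare():
    """Return {(pattern, host): (naive result, hardened result)} for CASES."""
    return {c: (naive_match(*c), hardened_match(*c)) for c in CASES}
```

Calling `compare()` shows that both matchers accept the ordinary wildcard case, while only the naive one accepts the partial-IP and `*.com` patterns.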

Chrome 7

Google is also joining the Web browser update parade this week with the release of Chrome 7.0.517.41 for its stable channel. The release marks the first stable Chrome 7.x release for Google, after having been in its development channel for the last three months.

With Chrome 7.0.517.41, Google is providing at least 11 security fixes, five of which are labeled as having high impact and one listed as critical. The critical flaw is a browser crash issue related to the form autofill capability.

As was the case with Firefox, memory corruption issues are part of the Chrome fix list. Google has credited researcher Simon Schaak with reporting memory corruption issues with animated GIF images in Chrome.

Chrome 7.0.517.41 also provides a high impact fix for a possible URL spoofing issue that could have occurred when the page is unloaded.
