| Web
Certificates Frequently Asked Questions
What is a
Web-Certificate?
A Web Server Certificate permits
securer communication between a client and a server (say a customer's browser
and a web retailer's server) or two servers (any servers who want to "talk"
securely amongst themselves). Simply stated, a web-certificate is a digital
document that has unique codes to identify the holder of the certificate to the
person accessing the site.
A Personal
Certificate is issued to individuals to certify their identity. One can use
them to digitally sign email, documents, jar files etc. to prove that they were
the author, and that the files have not been tampered with.
Hostahoy.com will be
offering web certificates. Personal Certificates may be offered at a later time
along with other security products.
How does a
web-certificate work?
A Web-certificate functions
as follows:
- Whenever
anybody transacts with a "secure" web-site, their browser (or server)
authenticates the identity of the web-site using the web-certificate
- If the site's
certificate is not valid, a warning is issued to the user, otherwise the
web-cert creates an SSL (Secure Server Layer) session and encrypts any
information exchanged during that session
- This prevents
communication from being intercepted and deciphered by nefarious people on the
Internet.
Can you
explain "how a web certificate works" in "Plain English"?
Basically, when two parties (say a customer and the Amazon.com
web-site) wish to "talk" securely (transfer the customer's credit-card number
to Amazon.com), then a web-certificate sets up a "secure" session that first
verifies the true identity of the party that requests data transfer
(Amazon.com).
If a certificate is
valid, the other party (the customer) gets a message saying that its OK to
"talk" to them (Amazon.com), as they are who they say they are. The other party
(customer) then transfers the info (CC number) securely, without fear of any
nefarious elements intercepting the data.
If the certificate
is invalid, a message pops up saying so. Transactions can still occur, but at
the risk of counter party fraud (It may be joesbooks.com tying to appear as
Amazon.com)
How can
someone tell whether a website is using a web certificate or
not?
The pages of a web-site which are secured by
a web-certificate are characterized by the following traits:
- The URL of the
secure web-pages change from http://... to https://
- A lock symbol
appears in the lower left-hand (right hand) status bar in Netscape Navigator or
Internet Explorer).
If one wants to view
and verify the encryption information of the secure pages, one should simply
undertake the following:
- In Netscape -
click on the lock symbol and select "View Certificate" button
- In Internet
Explorer - double-click on the lock
 in the lower right-hand status bar.
How are your
web certificates trusted by the browsers?
Our web certificates are
automatically and transparently trusted by browsers. This trust is established
because our supplier's Root Certificate has been embedded in all major
browsers.
What
browsers will my web certificate work with?
The
web certificates we issue work with 99% of the browsers in use
today.
How do your web
certificates work for different versions of browsers?
Netscape
4.72 and newer - The root certificate is embedded in
this browser
Netscape any version before 4.72 - The root
certificate has been cross certified by a CA that is embedded in this browser
Internet Explorer 5.01 and newer - The root certificate is embedded
in this browser
Internet Explorer any version before 5.01 - The
root certificate has been cross certified by a CA that is embedded in this
browser
Cross
Certification: The process by
which two Certificate Authorities (CA) certify each other's trustworthiness.
How long
does it take to get a web certificate?
Companies
will usually receive a web certificate within three business days after the
verification has been complete. The verification period varies and relies
greatly on the information provided by the company during the application
process. See: http://www.certificateregistration.com
How strong
are Tucows server certificates?
Tucows server
certificates are 1024 bit capable and support 128 bit
browsers.
The strength of the
public key in the certificate is defined by you when you generate the key pair
for your server. If you generate a 1024-bit key pair and submit the associated
CSR (Certificate Signing Request), then the certificate you receive contains
the 1024-bit public key. If you generate a 512-bit key pair then the
certificate contains the 512-bit public key.
Is my web
certificate tied to my IP address?
No, server
certificates do not contain any information about IP addresses. However, the
domain name listed in the server certificate must match the domain name of the
server on which the Web server certificate is installed. The domain name can be
mapped to any IP address.
I am using
several servers in a load-balancing configuration. How many web certificates do
I need?
You will need one web certificate for
each of your secure servers (including any virtual servers).
How do I
correct information on my web certificate after it has been issued to me?
You must issue a request to correct your
information on your web server certificate. You can request one replacement web
server certificate within 30 days of the certificate being issued without being
charged. Any requests made after the 30-day period, or any requests outside the
primary request, will require you to purchase a new web server certificate. If
a processing error occurs, we will issue a new web server certificate at no
cost to you.
In order to change
any information, we must re-issue a new web certificate with the correct
information and re-sign it - this preserves the integrity of the web
certificate. All our web certificates are electronically signed by the Root
Certificate. This electronic signature ensures that none of the information
contained in the web server certificate has been modified or tampered with. See
http://www.certificateregistration.com.
How do I
check the status of my web certificate request?
You can check the status of your order by visiting
http://www.certificateregistration.com and clicking Track Certificate at
the bottom of the page.
How will I
know if my enrollment was successful?
The
Technical Contact, Authorized Contact and Bill Contact will receive an e-mail
when your order has been processed. This e-mail includes a link to your request
status page and links to each of the Web server certificates that have been
issued. If any of your server certificate requests have not been approved the
status page explains why.
How much do
your web-certificates cost?
Please visit our
pricing page. Click
here to purchase a digital certificate.
 |
