[1] The Internet has created many new global business opportunities for enterprises conducting online commerce. However, the many security risks associated with conducting e-commerce have resulted in security becoming a major factor for online success or failure.
Over the past 7 years, consumer magazines, industry bodies and security providers have educated the market on the basics of online security. The majority of consumers now expect security to be integrated into any online service they use, as a result they expect any details they provide via the Internet to remain confidential and integral. For many customers, the only time they will ever consider buying your products or services online is when they are satisfied their details are secure.
This guide explains how you can utilize Digi-SSL™ [2] to activate the core security technology available on your existing web server. You will also learn how Digi-SSL™ allows you to protect your customer's transactions and provide visitors with proof of your digital identity – essential factors in gaining confidence in your services and identity.
Using Digi-SSL™ Certificates to secure your online transactions tells your customers you take their security seriously. They will visibly see that their online transaction will be secure, confidential and integral and give them the confidence that you have removed the risk associated with trading over the Internet.
Using Security helps you realize the benefits of online commerce:
Only if you have visibly secured your site with SSL security technology will your customers have confidence in your online operations. Read on to learn how SSL helps you achieve the confidence essential to successful e-commerce.
[1] Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. In order to be able to generate an SSL link, a web server requires an SSL Certificate.
When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website (e.g. your website's URL) and your company (e.g. your company's name and location).
Private and Public Key
Your web server then creates two cryptographic keys – a Private Key and a Public Key. Your Private Key is so called for a reason – it must remain private and secure. The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR [3]) – a data file also containing your details. You should then submit the CSR during the SSL Certificate application process to Digi-Sign, the Digi-SSL™ Certification Authority, who will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL.
Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer's web browser.
NOTE: For detailed application and installation instructions please refer to section
'Step by step instructions to set up SSL on your web server' of this guide.
[1] The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session – the Padlock:
As seen by users of Internet Explorer
Clicking on the Padlock displays your SSL Certificate and your details:
All SSL Certificates [4] are issued to either companies or legally accountable individuals. Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiry date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL
Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user.
Why should you use an Digi-SSL™ certificate?
Digi-Sign, the Certification Authority behind Digi-SSL™, is the fastest growing SSL Provider in the world. Unlike other Certification Authorities, Digi-Sign does not just provide SSL Certificates – they are a world-renowned security and cryptography service provider. When you are a customer of Digi-Sign, you can feel safe knowing that your website security is provided by experts. Digi-SSL™ Certificates are the most cost-effective fully validated and fully supported
128 bit SSL Certificates you can buy today! You can contact the technical support team between 7:30am - 16:00pm GMT (soon to be 24 hours). You can also feel safe in the knowledge that
Digi-Sign will validate your application in accordance with the latest digital signature [5] legislation pertaining to Qualified Certificates. This validation is done effectively and quickly, ensuring you need not wait the traditional 3 working days normally associated with a fully validated SSL Certificate.
[1] Digi-SSL™ boasts industry leading browser ubiquity – comparable to Verisign and Thawte, however without the costs associated with other SSL Providers. Digi-SSL™ Certificates are compatible with over 99% of browsers – including Internet Explorer 5.00 and above, Netscape 4.5 and above, AOL 6 and above and Opera 5.00 and above.
Digi-SSL™ benefits summary:
Digi-SSL™ Certificates are the most cost effective SSL Certificates [4] you can buy which
include:
Digi-SSL™ Certificates provide you with the key to successfully using SSL on your web server.
Testing your web server before you buy.
Try a Digi-SSL Trial™ Certificate for FREE
Trial SSL Certificates [4] provide full SSL functionality for 14 days and are fully supported by our expert technical support staff. Unlike test Certificates from other CAs [6],
Digi-SSL Trial™ Certificates are issued using the same Trusted Root CA that issues our end-entity SSL Certificates and provides 99% browser ubiquity, and NOT by a different test CA. This unique service helps you fully test your system prior to your live roll out.
Trial SSL Certificates are ideal for anyone requiring proof of ease of installation, confirmation of high quality technical support and also confirmation of compatibility with the majority of the browsers that exist today. Trial SSL Certificates are also ideal for practicing with Certificates and learning about SSL implementation before committing to installing a Certificate on your live system.
Get your free 14-day Digi-SSL Trial™ Certificate from
https://www.digi-sign.com/product/digi-ssl [7]
[1] There are four stages to set up SSL on your Microsoft IIS 5x web server:
Create a Certificate Signing Request (CSR)
A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrolment process:
Generate keys and Certificate Signing Request:
[1]
[1] Visit https://www.digi-sign.com/product/digi-ssl [7] and select your SSL Certificate product type. You will be required to submit the CSR [3] into a web form. When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrollment form. When you view your CSR it will appear something like:
Be sure to copy the CSR text in its entirety into the application form, including the:
Install a Digi-SSL™ Certificate
Installing the Root & Intermediate Certificates
When your Digi-SSL™ Certificate has been issued you will receive 3 Certificates via email from Digi-Sign Security Services. Save these Certificates to the desktop of the webserver machine, then:
A: To install the UTN-USERFirst-Hardware.crt Certificate:
B: To install the Digi-SignCADigi-SSLXp.crt or Digi-SignCADigi-SSLXs.crt:
[1] Select Administrative Tools
Important: You must now restart the computer to complete the installation
Open the Properties of the default website and ensure that SSL port contains the number 443 (it should default to this number automatically). You may want to test the Web site to ensure that everything is working correctly. Be sure to use https:// when you test connectivity to the site.
As a valued Digi-SSL™ customer we encourage you to display the Digi-SSL™ secure site seal to help promote your secure site to customers. The secure site seal is free to all Digi-SSL™ customers.
Contact us to discuss our Digi-Seal™ technology and how providing real-time identity assurance to customers to help establish even more confidence and trust with your customers.
Links:
[1] https://www.digi-sign.com/downloads/download.php?id=aacd-digi-ssl-pdf
[2] https://www.digi-sign.com/digi-ssl
[3] https://www.digi-sign.com/support/digi-ssl/generate+csr
[4] https://www.digi-sign.com/ssl+certificate
[5] https://www.digi-sign.com/digital+certificate
[6] https://www.digi-sign.com/certificate+authority
[7] https://www.digi-sign.com/product/digi-ssl