Documentos de Académico
Documentos de Profesional
Documentos de Cultura
INTRODUCTION
WITH THE EVER-INCREASING FEAR OF CYBERCRIME, SECURING
USER TRUST ONLINE IS NOW MORE VITAL TO THE SUCCESS OF AN
ONLINE BUSINESS THAN EVER BEFORE.
Whether youre in ecommerce or electricals, holiday cottages or hedge funds, your website
is one of your most important business assets. Its your 24/7 shopfront, and you need to
ensure that its secure and performing at its best.
SSL/TLS certificates provide the security that your website requires, and creates the trust
that visitors increasingly expect before interacting with it.
The Beginners Guide to Thawte SSL/TLS will rapidly demystify how SSL/TLS technology
creates this trust, and explains why all SSL/TLS certificates and the Certificate
Authorities issuing them are not created equal.
The customers browser attempts to connect to the website secured with SSL/TLS.
The browser requests that the web server identify itself.
The server sends the browser a copy of its SSL/TLS certificate.
The browser checks whether it trusts the SSL/TLS certificate.
The browser also checks the certificate status to see if it is valid, or if it has been revoked.
Your server shares the public key with the browser. They use that key to securely agree
on the session key that is used to set up a secure and encrypted channel to exchange
data through.
Once a secure, encrypted connection is established, the customer will see that the
website address begins https rather than just http.
THE SSL/TLS
END-USER EXPERIENCE
VISITORS TO A WEBSITE DONT NEED TO BE IT EXPERTS TO SEE THAT IT IS
PROTECTED WITH AN SSL/TLS CERTIFICATE, THEIR WEB BROWSERS
PROVIDE VISUAL CUES TO LET THEM KNOW.
One prominent visual cue is that the web address will start with https:// instead of http://.
In addition, most browsers including Google Chrome, Internet Explorer, Firefox, and Safari
display a padlock icon. When clicked it displays details about the SSL/TLS certificate, including
which Certificate Authority issued it, and which company owns it.
DV SSL/TLS
DUE TO CUSTOMER PRESSURE TO PRODUCE A LOWER-COST
ALTERNATIVE, SOME CAs OFFER DOMAIN VALIDATION ONLY OR
DV SSL/TLS CERTIFICATES WHERE THE CA ONLY VERIFIES THE
DOMAIN NAME.
As a result, domain-validated certificates are issued very quickly, but no company information
is checked or displayed on the certificate, making it easier for internet criminals to gain this
type of certificate from irresponsible CAs.
WHEN TO USE DV:
Situations where trust and credibility are less important
Easy to obtain
Fast issuance
Use only for web-based applications that are not at risk for phishing or fraud
Don't use for public facing sites or sites that handle sensitive data, like log in's
OV SSL/TLS
OV SSL/TLS CERTIFICATES ARE THE ORIGINAL SSL/TLS CERTIFICATE,
AND CAs USE A ROBUST VERIFICATION PROCESS BEFORE A
CERTIFICATE IS ISSUED.
This might include checking the address where the company is registered and the name of a
specific contact. This vetted company information is displayed to visitors on the certificate,
making the ownership of the site much more visible.
WHEN TO USE OV:
Public-facing websites dealing with less sensitive transactions
More thorough vetting process than DV
Company information is displayed to users
Provides a certain level of trust about the company who owns the website.
Doesnt offer the highest visible display of trust like EV SSL (green browser bar)
EV SSL/TLS
EV SSL/TLS CERTIFICATES TAKE CUSTOMER TRUST TO THE NEXT LEVEL
AND TURN THE ADDRESS BAR IN CUSTOMERS WEB BROWSERS GREEN
TO ASSURE AT A GLANCE.
EV verification guidelines, drawn up by the CA/Browser Forum, require the CA to run a much
more rigorous identity check on the organisation or individual applying for the certificate.
This can be a time consuming process, but its worth it.
WHEN TO USE EV:
E-commerce sites and websites handling credit card and other sensitive data
Use EV SSL for the highest visible display of online trust
Comes with the green browser address bar
Increase user trust and lower bounce rates and shopping cart abandonments
Recoup the extra cost of an EV certificate in the form of increased revenue
Strengthen your credibility and brand by showcasing your commitment to online security
GETTING SSL/TLS
ON YOUR WEBSITE
DEPLOYING AN SSL/TLS CERTIFICATE ON YOUR WEBSITE IS A
SIMPLE PROCESS.
Depending on the type of SSL/TLS certificate you purchase, it can take between a few minutes to a
few days for the CA to issue the certificate.
To obtain it you will first need to generate a certificate signing request (CSR) from your web server
to the issuing Certificate Authority.
Once you receive your certificate, you will then need to install it on your web server.
Installation is straightforward, and reputable CAs like Thawte provide all the support and
instructions you need.
More Information
If you have further questions, or would like to speak with a Sales Advisor, please feel free to contact us:
Via phone
US toll-free: +1 888 484 2983
Email sales@thawte.com
Visit our website at https://www.thawte.com/ssl
France: +33 1 57 32 42 68