Digital Certificates FAQ
What is SSL?
The SSL (secure socket layer) protocol is the web standard for encrypting communications between users and web sites. Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides businesses and consumers with the confidence that private data sent to a web site, such as credit card numbers, are kept confidential. Web server certificates are required to initialize an SSL session.
What is QuickSSL?
QuickSSL is a web server certificate that allows consumers and web sites to conduct safe e-commerce with encrypted SSL connections. QuickSSL web server certificates are compatible with 99% of all browsers. Historically, most SSL certificates cost $350 or more Quick SSL relies on GeoTrusts fully automated systems to verify that a certificate purchaser has appropriate administrative rights to a web server's domain all within ten minutes. With QuickSSL, you can assure your customers that their transactions and information are secure on the Internet without having to pay an unreasonable price.
What is the difference between QuickSSL and QuickSSL Premium?
QuickSSL Premium comes with all the features and benefits of QuickSSL, but also includes the QuickSSL Premium smart seal with dynamic date/time stamp. The smart seal is dynamically generated by GeoTrust and ensures that GeoTrust has authenticated the domain. Visitors to your site will also be able to click on the smart seal to verify that your certificate is still valid with GeoTrust, giving your customers and extra piece of mind.
What is True BusinessID?
True BusinessID provides a simple way for your
customers to view your validated organization information via a trusted third
party. True BusinessID will increase transactions and revenue by giving your
customers the confidence and assurance to trust the identity of your web site.
The result- a substantial increase in consumer confidence regarding your web
site information, services, and/or products. Even if you don't have a web site
brand name, True BusinessID will let your customers know you are legitimate.
What is the encryption strength of GeoTrust certificates?
All GeoTrust certificates are 128-bit. For each and every session, the server and browser negotiate and choose the highest common encryption strength between them. So if a 40-bit browser user hits your SSL-secured site, the resulting connection will automatically become a 40-bit strength encryption.
GeoTrust recommends that end-user Subscribers select the 1024-bit encryption strength or the equivalent descriptor option when generating their certificate requests. When the certificate's key length is 1024 or longer, the SSL session key will be 128 bit. If the certificate key length is 512, the SSL session key will be 40 bit or 56 bit.
If you are running Windows, see
Microsoft's bulletin Q300398: "You install a 128-bit high encryption certificate
onto Internet Information Server (IIS) version 4.0 or 5.0, then browse with a
128-bit enabled Web browser to IIS by using https://. However, the Web browser
only makes a 40-bit or 56-bit Secure Sockets Layer (SSL) session with IIS (size
7927 bytes, updated 6/13/2001 12:54:00 PM GMT)"
You need to have a separate IP address for each domain you want to secure. The reason for this is because a certificate is bound only to a domain name but, the SSL protocol is bound to static IP addresses; therefore, any certificate-enabled web site must have its own unique IP address. The IP can be real (routable) or internal (RFC 1918 non-routable address) but, it must be unique on a server.
How to I move a certificate from one ISP to another ISP?
You may be able to move your certificate from one ISP to another. Per our certificate licensing agreement, you must purchase a new certificate if you plan on continuing to use the certificate on its current location. Otherwise, it largely depends on the server compatibility and the willingness of your current ISP to assist you.
Your current ISP will need to export your key pair file from the server hosting your web site. Once you have the complete key pair file, you can provide it to your new ISP to import on their server. If your current ISP will not provide you with the key pair file, you will need to purchase a new certificate to use with your new ISP. If you have to purchase another certificate, please let us know and we will expedite the processing of the new request. In addition, you will not have to resubmit your business documentation as long as nothing has changed.
Please be aware that if the two ISPs are running different server types, you may not be able to import the key pair file due to server compatibility issues. If this happens, a new certificate will have to be purchased.
What type of Web Servers does GeoTrust support?
GeoTrust supports all current releases of commercial and freeware web servers supporting SSL v.3. Supported servers include: