FORMIDABLE CA PREMIUM SSL CERTIFICATE


1.   What is SSL?

SSL is an acronym for Secure Sockets Layer, a global standard security technology developed by Netscape in 1994.

 

Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a remote system and a client – for example a web server and browser. This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

 

2.   What is an SSL certificate?

SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a server it allows secure connections from that server to a remote client – for example, between a web server and a web browser.

 

SSL Certificates can be used in many scenarios where and data transfer needs to be authenticated and/or encrypted. Examples of this are:

  • Secure web browsing
  • Online transactions
  • Sending and receiving of email
  • Secure storage and transfer of data
  • Proving the authenticity and integrity of applications, or other code

 

3.   What is a wildcard Certificate?

A wildcard certificate is a type of Certificate which protects multiple sub-domains with a single certificate. For example, domain.com might use the sub-domain cart.domain.com to handle shopping cart, and intranet.domain.com for secure employee logins. They save you time and money buying and managing multiple certificates.

 

4.   Why do I need an SSL Certificate?

In today's environment, online customers are more wary than ever of Internet fraud, identity theft and "phishing" schemes. Installing the proper security and validation for your site is essential to gaining your customers' trust, and for letting potential customers know your site is a secure place where they can exchange confidential information, purchase products and services and complete secure transactions.

 

5.   Why Formidable CA Premium SSL Certificates?

Formidable CA Premium SSL certificates are highly trusted SSL certificates providing the industry standard encryption at an entry-level cost. Our certificates come with full business validation to give additional assurance when customers browse your site.

 

These certificates come with a golden padlock and 99.9% browser trust, and are ideal both E-Commerce and non E-Commerce sites that require encryption. With Formidable CA Premium SSL certificates you can have a high level of security with the golden padlock that your customers will look for to verify that your site is secure.

 

6.   Who can issue SSL Certificates?

SSL Certificates can be issued by anybody using freely available software such as Open SSL or Microsoft's Certificate Services manager. Such SSL Certificates are known as "self-signed" Certificates. However, self-signed SSL Certificates are not inherently trusted by customer's browsers and whilst they can still be used for encryption they will cause browsers to display "warning messages" - informing the user that the Certificate has not been issued by an entity the user has chosen to trust.

 

Such warnings are undesirable for commercial sites - they will drive away customers. In order to avoid such warnings the SSL Certificate must be issued by a "trusted certifying authority" - trusted third party Certification Authorities that utilize their trusted position to make available "trusted" SSL Certificates (such as Formidable CA).

 

7.   What is a Certification Authority?

Browsers and Operating Systems come with a pre-installed list of trusted Certification Authorities, known as the Trusted Root CA store. As Microsoft and Netscape provide the major operating systems and browsers, they have elected whether to include the Certification Authority into the Trusted Root CA store, thereby giving trusted status.

 

SSL certificates issued by trusted Certification Authorities (such as Formidable CA) do not display a warning and establish a secure link between website and browser transparently. In such circumstances, the padlock signifies the user has an encrypted link with a company who has been issued a trusted SSL Certificate from a trusted Certificate Authority.

 

Microsoft and Netscape have therefore determined the role of the Certification Authority - to use their trusted status to "pass trust" to websites whom ordinarily would not be trusted by a customer. As a result of their "trusted" status, Certification Authorities have a responsibility to ensure they only ever issue SSL Certificates to legitimate companies. This may only be achieved by employing stringent validation processes to ensure issuance practices only allow the SSL Certificate to be issued to a legitimate company. After all, anyone relying on the presence of an SSL Certificate will do so not just for the encryption factor, but also to indicate the legitimacy of the site.

 

8.   Do all SSL Certificates provide the same security and trust?

No.

 

The value of SSL is protected by one or two standard validation processes:

 

  1. Verify that the applicant owns, or has legal right to use, the domain name featured in the application.
  2. Verify that the applicant is a legitimate and legally accountable entity.

 

Our Essential SSL certificates use check 1 above and are suitable for internal business systems used by your employees. They can be used on websites; however the Premium and EV Certificates (which use check 2 above) are more suitable due to the additional business checks performed as part of the order process.

 

The EV certificate takes these checks even further to ensure the website you are connected to is genuine and trustworthy, and is the only certificate to give the green browser bar as visual verification that your transactions are safe.

 

This means that while all Certificates will secure your site, the Premium and EV products give your customers extra reassurance that the site they are trusting is genuine. In addition, the use of the Formidable CA Corner of Trust increases that reassurance further more.

 

9.   Why do different SSL Certificates contain different information?

Our most basic Essential SSL Certificate only verifies domain names whereas our Premium and EV SSL Certificates are issued with either full business authentication or Extended Validation (EV) authentication, both of which require more information to validate the requesting business.

 

10. What is the Formidable CA Corner of Trust?

The Formidable CA Corner of Trust is a dynamic, animated graphic that displays in the bottom right hand corner of the browser on web pages secured by our SSL Certificates. When a visitor’s mouse hovers over your Corner of Trust, a small window appears to display information about your business. This helps establish credibility by letting them see that your business has been validated by a trusted third party. Additionally, it displays these vital identity details without distracting pop-ups or redirects, keeping your visitor on your site.

 

11. How will customers know that my site is secure?

When you have an SSL Certificate installed on your server, your site will display:

 

  1. A padlock symbol that appears in their web browser when your site is opened.
  2. The "https" prefix in front of your URL address in the browser.

 

In addtiton, the Formidable CA Corner of Trust is clearly visible and gives additional reassurance.

 

When you install an Extended Validation certificate, the browser bar on newer versions of web browsers will appear green whenever your site is opened, indicating that your site has the highest level of validation available.

 

12. How do consumers check authentication information held within a certificate?

When browsing a secure suite, the remote server sends the certificate information to the browser. This information can be viewed by either clicking the closed padlock, check the green address bar (if secured by an EV Certificate) or click the Formidable CA Corner of Trust.

 

13. Do Formidable CA Essential SSL Certificates work with all browsers?

Our certificates are recognised by 99.3% of browsers in use today, and cover all popular desktop and mobile browsers.

 

14. What information do you require to verify my business identity?

We recognize that strong validation is essential for the continuing growth of E-Commerce. Before issuing a certificate we validate that the applicant owns, or has legal right to use, the domain name featured in the application and that the applicant is a legitimate and legally accountable entity. To do this we need to have access to documentation which verifies these two factors.

 

15. How long does verification take?

Provided we have sufficient validation information available through the IdAuthority, your Premium SSL certificate is normally issued the same day. If additional verification processes must be used to validate your application, the issuance process may take slightly longer. In such cases we guarantee that the Certificate is issued within 2 working days.

 

16. What is a Certificate Signing Request or CSR?

The CSR is a string of text generated by your server software and is needed as part of the certificate order process. You provide this string of text during the enrolment process to enable us to issue an SSL Certificate unique to your web server.

 

17. Can I secure multiple servers with a single certificate?

Yes, however it is not recommended due to additional security exposure and risk, except when certificates are to be shared for redundant server backups, server load balancing, and SSL accelerators.

 

18. How do I receive my SSL Certificate?

When you purchase your SSL Certificate, it is issued electronically after all validation checks are complete.

 

19. What is a Warranty?

Formidable CA SSL Certificates come with warranties so that your site's visitors can have confidence when conducting a transaction with you.

 

The Formidable CA Premium SSL Certificate comes with a relying party warranty of $1,000,000. The amount represents the maximum amount site visitors may receive in compensation for losses resulting directly from an online credit card transaction as a result of a mis-issued Certificate.

 

All warranties are subject to the terms of our relying party warranty.

 


© Copyright Formidable Solutions Ltd 2014 All rights reserved. E&OE VAT number: 138043919
Formidablesolutions.com is a trading name of Formidable Solutions Limited, a company registered in England and Wales.
Company number: 06831675