FORMIDABLE CA UCC SSL CERTIFICATE


1.   What is SSL?

SSL is an acronym for Secure Sockets Layer, a global standard security technology developed by Netscape in 1994.

 

Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a remote system and a client – for example a web server and browser. This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

 

2.   What is an SSL certificate?

SSL Certificates are small data file that digitally bind a cryptographic key to an organization’s details. When installed on a server it allows secure connections from that server to a remote client – for example, between a web server and a web browser.

 

SSL Certificates can be used in many scenarios where and data transfer needs to be authenticated and/or encrypted. Examples of this are:

  • Secure web browsing
  • Online transactions
  • Sending and receiving of email
  • Secure storage and transfer of data
  • Proving the authenticity and integrity of applications, or other code

 

3.   What is a UC Certificate?

Unified Communications Certificates, also called UC Certificates or UCC Certificates, give you full control of the Subject Alternative Name field so that you can secure up to 100 domain and/or host names with just one SSL certificate and one IP address.

 

A single UC Certificate can offer protection to multiple domains and hosts configured in your Exchange Server where a traditional or Wildcard SSL certificate cannot. Traditional SSL certificates are limited to a single domain and a Wildcard certificate can support all the first level sub-domains of a single domain, e.g. *.example .com. A UC certificate can protect different domains as such, e.g. www.example.com, www. example.net, www.someotherdomain.com, etc.

 

This is the ideal SSL certificate for your Microsoft Exchange Server or Office Communications Server.

 

4.   Why do I need an SSL Certificate?

In today's environment, online customers are more wary than ever of Internet fraud, identity theft and "phishing" schemes. Installing the proper security and validation for your site is essential to gaining your customers' trust, and for letting potential customers know your site is a secure place where they can exchange confidential information, purchase products and services and complete secure transactions.

 

5.   Why Formidable UC Certificates?

Formidable CA UC Certificates are highly trusted SSL certificates providing the industry standard encryption at an entry-level cost. Our certificates come with full business validation to give additional assurance when customers browse your site.

 

These certificates come with a golden padlock and 99.9% browser trust, and are ideal for both E-Commerce and non E-Commerce sites that require encryption. With Formidable CA UC Certificates you can have a high level of security with the golden padlock that your customers will look for to verify that your site is secure.

 

6.   Who can issue SSL Certificates?

SSL Certificates can be issued by anybody using freely available software such as Open SSL or Microsoft's Certificate Services manager. Such SSL Certificates are known as "self-signed" Certificates. However, self-signed SSL Certificates are not inherently trusted by customer's browsers and whilst they can still be used for encryption they will cause browsers to display "warning messages" - informing the user that the Certificate has not been issued by an entity the user has chosen to trust.

 

Such warnings are undesirable for commercial sites - they will drive away customers. In order to avoid such warnings the SSL Certificate must be issued by a "trusted certifying authority" - trusted third party Certification Authorities (such as Formidable CA) that utilize their trusted position to make available "trusted" SSL Certificates.

 

7.   What is a Certification Authority?

Browsers and Operating Systems come with a pre-installed list of trusted Certification Authorities, known as the Trusted Root CA store. As Microsoft and Netscape provide the major operating systems and browsers, they have elected whether to include the Certification Authority into the Trusted Root CA store, thereby giving trusted status.

 

SSL certificates issued by trusted Certification Authorities do not display a warning and establish a secure link between website and browser transparently. In such circumstances, the padlock signifies the user has an encrypted link with a company who has been issued a trusted SSL Certificate from a trusted Certificate Authority.

 

Microsoft and Netscape have therefore determined the role of the Certification Authority - to use their trusted status to "pass trust" to websites whom ordinarily would not be trusted by a customer. As a result of their "trusted" status, Certification Authorities have a responsibility to ensure they only ever issue SSL Certificates to legitimate companies. This may only be achieved by employing stringent validation processes to ensure issuance practices only allow the SSL Certificate to be issued to a legitimate company. After all, anyone relying on the presence of an SSL Certificate will do so not just for the encryption factor, but also to indicate the legitimacy of the site.

 

8.   Do all SSL Certificates provide the same security and trust?

No.

 

The value of SSL is protected by one or two standard validation processes:

 

  1. Verify that the applicant owns, or has legal right to use, the domain name featured in the application.
  2. Verify that the applicant is a legitimate and legally accountable entity.

 

Our Essential SSL certificates use check 1 above and are suitable for internal business systems used by your employees. They can be used on websites; however the Premium and EV Certificates (which use check 2 above) are more suitable due to the additional business checks performed as part of the order process.

 

The EV certificate takes these checks even further to ensure the website you are connected to is genuine and trustworthy, and is the only certificate to give the green browser bar as visual verification that your transactions are safe.

 

This means that while all Certificates will secure your site, the Premium and EV products give your customers extra reassurance that the site they are trusting is genuine. In addition, the use of the Formidable Corner of Trust increases that reassurance even more.

 

9.   Why do different SSL Certificates contain different information?

Our most basic Essential SSL Certificate only verifies domain names whereas our Premium and EV SSL Certificates are issued with either full business authentication or Extended Validation (EV) authentication, both of which require more information to validate the requesting business.

 

10. What is the Formidable Corner of Trust?

The Formidable Corner of Trust is a dynamic, animated graphic that displays in the bottom right hand corner on web pages secured by our SSL Certificates. When a visitor’s mouse hovers over your Corner of Trust, a small window appears to display information about your business. This helps establish credibility by letting them see that your business has been validated by a trusted third party. Additionally, it displays these vital identity details without distracting pop-ups or redirects, keeping your visitor on your site without disrupting their buying path.

 

11. How will customers know that my site is secure?

When you have an SSL Certificate installed on your server, your site will display:

 

  1. A padlock symbol that appears in their web browser when your site is opened.
  2. The "https" prefix in front of your URL address in the browser.

 

In addition, the Formidable Corner of Trust is clearly visible and gives additional reassurance.

 

When you install an Extended Validation certificate, the browser bar on newer versions of web browsers will appear green whenever your site is opened, indicating that your site has the highest level of validation available.

 

12. How do consumers check authentication information held within a certificate?

When browsing a secure suite, the remote server sends the certificate information to the browser. This information can be viewed by either clicking the closed padlock, check the green address bar (if secured by an EV Certificate) or click the Formidable Corner of Trust.

 

13. Do Formidable SSL Certificates work with all browsers?

Our certificates are recognised by 99.3% of browsers in use today, and cover all popular desktop and mobile browsers.

 

14. What information do you require to verify my business identity?

We recognize that strong validation is essential for the continuing growth of E-Commerce. Before issuing a certificate we validate both that the applicant owns, or has legal right to use, the domain name featured in the application and that the applicant is a legitimate and legally accountable entity. To do this we need to have access to documentation which verifies these two factors.

 

15. How long does verification take?

Provided we have sufficient validation information available through the IdAuthority, your UC certificate is normally issued the same day. If additional verification processes must be used to validate your application, the issuance process may take slightly longer. In such cases we guarantee that the Certificate is issued within 2 working days.

 

16. What is a Certificate Signing Request or CSR?

The CSR is a string of text generated by your server software and is needed as part of the certificate order process. You provide this string of text during the enrolment process to enable us to issue an SSL Certificate unique to your web server.

 

17. Can I secure multiple servers with a single certificate?

Yes, however it is not recommended due to additional security exposure and risk, except when certificates are to be shared for redundant server backups, server load balancing, and SSL accelerators.

 

18. How do I receive my SSL Certificate?

When you purchase your SSL Certificate, it is issued electronically after all validation checks are complete.

 

19. What is a Warranty?

Formidable CA SSL Certificates come with warranties so that your site's visitors can have confidence when conducting a transaction with you.

 

The amounts above represent the maximum amount site visitors may receive in compensation for a loss.

 

All warranties are subject to the terms of our relying party warranty.

 


© Copyright Formidable Solutions Ltd 2014 All rights reserved. E&OE VAT number: 138043919
Formidablesolutions.com is a trading name of Formidable Solutions Limited, a company registered in England and Wales.
Company number: 06831675