SSL certificate for the site

Data transmitted between the servers and browsers of visitors (we are talking about passwords, logins, card numbers, e-wallet numbers, etc.) can be stolen by fraudsters. Ensuring the protection of such transmitted data is achieved by installing SSL certificates. If they are available, all connections that are established between sites and browsers are performed over the HTTPS protocol. All information transmitted using such protocols is encrypted by cryptographic protocols, which ensures its protection.

The main requirement is the following: do not use your site for activities that may turn out to be illegal. If there are suspicions of phishing or other fraudulent actions, the certification authority will refuse to issue an SSL certificate.

In cases of attempts to access the website, the certificate can be spoofed even when the user entered his domain name correctly. SSL certificates exclude possible such substitutions - after viewing the certificate, the user makes sure that the website is hosted on the domain, which should be there, and not a copy of it. At the same time, SSL certificates provide users with the ability to verify who owns a website. This function also allows users to verify that they are visiting the site of the required organization, and not its counterpart. An important function of SSL certificates is to encrypt Internet connections. An encrypted connection is not necessary in order to prevent possible theft of confidential information in the process of its transmission on the Internet.

It is recommended to install SSL certificates in the section of the website used by users for confidential data, that is, on those pages where authorization and payment for services received is carried out. If the site has a certificate, then it is protected from all kinds of forgeries, since the user can always make sure that the resource is authentic, and also check the ownership of the site.

The correct operation of the SSL certificate will be ensured if it was issued by a special organization called the Certification Authority. All over the world there are only a few such recognized centers. We work with the following Certification Authorities: Symantec, Thawte, GoGetSSL, GeoTrust, Sectigo and GlobalSign.

SSL certificates that only certify the domain (the so-called DV certificates) are available for individuals and legal entities, as well as for individual entrepreneurs. SSL certificates that certify domains and their owner (called OV and EV certificates) are available only to legal entities.

When ordering a Wildcard certificate, it should be borne in mind that this type of certificate serves to protect the domain itself for which the certificate is purchased, as well as an unlimited number of subdomains of the same level. For example, ordering a Wildcard certificate for the domain name * .test.domain.ru will be protected subdomains 1.test.domain.ru, 2.test.domain.ru, etc. The test.domain.ru domain itself, as well as domain.ru, www.domain.ru are not protected.

The term for issuing SSL certificates is 1-3 years.

Certificates belonging to the DV (Domain Validation) category confirm the rights to manage domains, i.e. only domains authenticate. Viewing such a DV certificate gives the user the confidence to find it on the website located at the address that is entered in the browser line. At the same time, the cybercriminals did not redirect the user to a fake website. But the certificate does not contain information about the ownership of the site - there will be no information about the owner in it. This is due to the fact that the procedure for obtaining a certificate does not require the provision of documentary evidence of the customer's identification data. So they can be fictitious, that is, the customer of the certificate can be issued for another person. Certificates from the OV category (Organization Validation) can serve as a confirmation of the rights to manage a domain name and the existence of an organization with such rights, i.e. both the domain itself and its owner are verified by it. Viewing such certificates gives the user confidence in going to the site at the address entered in the browser line and receiving reliable information about the owner of this resource. To carry out the launch of the OV certificate, the customer will need documentary evidence of their own identification data. For certain types of certificates, hopeValidated by both the domain and the owner, the release procedure is set only when an extended validation of their customer has been performed. Thus, the provision by customers of data that does not correspond to real information is excluded. These are certificates from the category EV (Extended Validation). In the process of accessing sites with installed EV certificates, the line in the browser turns green and serves as an indicator that unambiguously confirms the reliability of the resource for the web user. A special type of certificates are Certificates issued for developers (Code Signing). They serve to confirm the authenticity of programs during their download, the integrity of the content, as well as the reliability of the source. By which the product is provided. Using digital signature technology, they confirm the uniqueness of the programs downloaded on the network, and provide a guarantee that the web files have not been modified.

Financial guarantees mean compensations that the certification authority will pay to the user if an attack by cybercriminals is carried out on a site with an SSL certificate, which was carried out due to vulnerabilities that are directly related to the SSL certificate.

Most certificates are issued only for the 1st domain. Exceptions are certificates that have Wildcard and SAN marks in their names. They are designed to protect multiple domains, and therefore their cost is higher. Domains and all subdomains of the same level are protected by certificates of the Wildcard category: certificates ordered for domain.ru will also protect subdomains mail.domain.ru, service.domain.ru, etc. SAN category certificates can protect up to hundreds of different domains on the 1st or multiple servers.

Through https, which is a secure protocol, all content on the page should be loaded: images and tables, scripts and everything else. If you haven't translated it, the browser will evaluate the content as unsafe. For example, a site you have a picture loaded over HTTP. The browser will warn the visitor that the website is not secure, although it has SSL. After installing the SSL certificate, the site will be accessible via http and https. To get users to https, you need to set up a redirect.

Of course we can. We help you select and install SSL certificates that you buy for your own sites, and not for subsequent resale.

The certificate contains the following information: • Version • Serial number • Search algorithm identifier • Publisher name • Validity • Subject of the certificate • Information about the subject's public key • Unique identifier of the publisher • Unique identifier of the subject • Supplements • Signature