Getting a Digital Certificate
A Digital Certificate is issued by a trusted Certificate Authority (CA), similar to a valid Driver's License. This helps prove to users that you are who you say you are, avoiding all phishing schemes. Research suggests that sites that display a recognizable seal of trust from a trusted authority such as VeriSign, gives users confidence to do business with you. In addition, the certificate key is used to encode information sent from the user's computer to your server. This helps prevent identity theft and other security threats to your credit card information. Users will be able to see a padlock sign on the browser when encrypted data is being transmitted.
The following are ways to getting a digital certificate:
- Generating Certificate Signing Request (CSR) and Private Key: Your private key and public key can be generated with CSR generators. CSR generator products are available online.
- Sending the CSR to a CA: The public key is used to request the certificate from the CA. When you enter the CSR, you can use your public key file. At the end of the process, an e-mail will be sent to you containing the certificate from the CA.
- Installing Merged Certificate into Server: Retrieve the contents of your e-mail and merge the contents of your signed certificate with your private key file. Then install the certificate onto your web server.
Popular third party certificate authorities:
- CAcert
- Comodo
- Digital Signature Trust Co.
- Enterprise SSL
- Entrust.net
- GeoTrust
- GlobalSign
- Network Solutions: SSL Certificates
- SSL Certificate Management Site
- SSL.com
- Thawte Digital Certificates
- Trustwave
- VeriSign