SSL Certificate FAQs
Know more about SSL Certificates through these Frequently Asked Question (FAQs). Understand various types of SSL certificates and their features to better decide which one is right for your needs.
Question: What are SSL certificates?
Answer: SSL Certificates are small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a web server, it activates the padlock in the web browser’s address bar and the HTTPS protocol (over port 443) and allows secure connections from a web server to a browser.
Question: Why do I need SSL?
Answer: There are many reasons why a website needs an SSL certificate. First of all, SSL certificates help websites gain an advantage over their competition by appearing more trusted and more legitimate. Also, these certificates provide assurance to website visitors that their data cannot be tampered with or forged by hackers. SSL certificates also ensure that a customer’s sensitive data, like personal information, credit card details, social security number, etc. can be transmitted securely from web browser to server.
Question: What are Wildcard SSL certificates?
Answer: A standard SSL Certificate would only secure www.example.com, requiring you to purchase an additional certificate for mail.example.com, however, Wildcard certificates use Subject Alternative Names (SANs) to secure ONE domain and all of its first-level subdomains. For example, a certificate for *.example.com secures www.example.com, mail.example.com, etc.
Question: What are SAN / UC SSL certificates?
Answer: Subject Alternative Names (SAN) or Unified Communications (UC) certificates allow for multiple domain names to be protected with a single certificate. For example, you could get a certificate for example.com, and then add more SAN values to have the same certificate protect example.org, example.net and even sample.com
Question: What are SGC SSL certificates?
Answer: Server Gated Cryptography (SGC) SSL Certificates, enabled older browsers to connect to websites using 128-bit encryption even if the normal browser encryption rate was 40-bit. At one time this seemed to provide a great advantage to many websites. Today, SGC certificates are widely considered to be obsolete, as browsers requiring enhanced encryption capabilities are all but extinct, and many parties contend that facilitating the use of older, insecure browsers creates more security concerns than it remedies.
Question: What are DV, OV & EV SSL certificates?
Domain Validated (DV) or Standard SSL certificate is where the CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.
Organization Validated (OV) or High Assurance SSL certificate is where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organisation. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.
Extended Validation (EV) or Premium SSL certificate is where the Certification Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organisation. The audits are repeated yearly to ensure the integrity of the issuance process.
Question: What is a Website Malware Scan?
Answer: A compromised website is a danger to your reputation as an online business as well as a danger to your customers privacy & property depending on the extent of information they submit to your website. Website Malware Scan security product allows you to determine if your web applications are out of date, exploited with malware, or even if your website is blacklisted on major search engines. PCI Scans also help to ensure PCI compliance on websites accepting payment information from their customers.
Question: What is a Trust Seal or Trust Mark?
Answer: The presence of a Trust Seal helps visitors trust a website and convert general visitors into paying customers. It helps to educate website visitors on company investment in leading security technology and shows their commitment to protecting them against phishing attacks and eavesdropping. Visitors simply click on the Trust Seal/Mark to view easy to understand website security information including the organisation’s / website owners details and general SSL information assuring them that the website is authentic, protected and that they have invested in SSL to secure transactions & data transfers.
Question: Do I need a Dedicated IP Address for SSL?
Answer: Yes. Shared IPs do not work across all web browsers. To make the SSL certificate work across all browsers, it requires a Dedicated IP Address. If you still need to install an SSL certificate on Shared Web hosting, you can get a Shared Server account here.
Question: What is a CSR?
Answer: A CSR or Certificate Signing request is a block of encrypted text that is generated on the server that the SSL certificate will be used on. It contains information that will be included in your certificate such as your organization name, common name (domain name), locality, and country. You cannot obtain an SSL certificate without a CSR. Generating a CSR on the server where you plan to install your SSL certificate is the first step to getting an SSL certificate. Please contact your server administrator to generate your CSR. You may test your CSR using our free CSR Checker tool.
Question: Why are iWebz prices so low?
Answer: We are a strategic partner with many of the industry’s leading Certification Authorities (CAs). We buy SSL certificates in huge quantities, which is why we can offer you wholesale prices. You get exactly the same certificate, same quality, same brand, same satisfaction/technical guarantee, and the same after-sales phone & email support from the vendor as you would by buying direct, just at much lower prices!
Question: Is there a limit to the number of certificates I can order?
Answer: No, we do not limit the amount of SSL certificates that can be ordered. Go ahead and get as many as you need!
Question: What are the accepted modes of payment?
Answer: Currently, we accept payments in US dollars only. We accept the following Credit Cards: Visa, MasterCard, and American Express. You can also choose to pay via PayPal.
Question: How does the Buying Process work?
Answer: The buying process for ANY certificate on our website is fairly simple:
* Add the certificate to the Shopping Cart
* Enter your details on a Customer form
* Make the purchase via PayPal or supported Credit Card
* Receive an email with a link to complete the Verification process with the chosen Certificate Authority (CA)
Question: How long does it take to issue my SSL Certificate if I buy from you?
Answer: We will send you email with SSL enrollment link as soon as you complete your order of any SSL product with us. RapidSSL, RapidSSL Wildcard, and GeoTrust QuickSSL Premium Certificates are issued immediately (within few minutes) once you complete the SSL enrollment process. GeoTrust True BusinessID Certificates are premium SSL Certificates. All True BusinessID orders are typically processed within 2 – 3 working days, from the time GeoTrust receives your business documents. Depending on your order and the certificate product’s security level, it may take more or less time to complete.
Question: What happens after the Buying Process?
Answer: After you generate a CSR and submit your order via the link in the email, the vendor will validate your domain by matching the Registrant on your domain name’s WHOIS record to your company name. Please ensure that the Registrant on your domain and the Organization field in your CSR both match your legally registered name for the quickest and easiest validation. This may take up to 48-72 business hours, after which they will send an email to the Administrative/Technical Contact listed on your domain name’s WHOIS registry with further instructions on how to proceed.
Question: What is your certificate replacement / re-issuance policy?
Answer: We offer free replacement / re-issuance for all certificates which are ordered within 7 days from the certificate issue date. Refunds are also only issued within 7 days from the initial certificate issuance. To replace a certificate within 7 days of issuance, send an email containing the new CSR request along with the Order ID & Invoice Number to email@example.com
Question: With which webserver/mailserver do the SSL Certificates work?
Answer: Our certificates work with all major web servers and mail-servers.
Web server software:
* Apache / Apache2 / ApacheSSL / ModSSL / OpenSSL / SSLEAY
* Apache + Raven
* C2Net Stronghold
* Cobalt Series
* cPanel / WHM
* IBM HTTP
* IBM Domino Go 188.8.131.52+
* iPlanet Enterprise Server 4.1
* Jakarta -Tomcat
* Lotus Domino 4.6 – 5.x
* Microsoft Internet Information Server (IIS) 4.x+
* Netscape Enterprise 3.51
* O’Reilly WebSite Professional 2.x
* Deerfield (O’Reilly) Website Professional 3.x
* WebSTAR 4.x – 5.x
* Zeus Web Server v3
Mail server software:
* Exchange / Outlook Web Access (OWA)
* CPPop (cPanel mail server) and other stunnel based mail servers
* Courier IMAP
Question: What is Browser Ubiquity or Browser Recognition?
Answer: Browser ubiquity is the term used in the industry to describe the estimated percentage of Internet users that will inherently trust an SSL certificate. The lower the browser ubiquity, the less people will trust your certificate. If you are operating a commercial site, you require as many people as possible to trust your SSL certificate. As a general rule, any SSL certificate with more than 95% browser ubiquity is acceptable for a commercial site. Ubiquity is, however, not the only consideration in deciding whether one SSL certificate is better than another. Many companies running high-transaction, high-volume web sites need to maximize customer confidence and therefore buy certificates from well-known, experienced security vendors and mostly use the major players like GeoTrust and Symantec/VeriSign, who are both WebTrust compliant. If you have a low-volume website and you decide that your customers’ confidence is not affected at all by the brand behind the SSL certificate, then RapidSSL or RapidSSL Wildcard certificates are ideal.
Question: What is an SSL Warranty?
Answer: Our customers are of the utmost importance to us, which is why we only offer trusted SSL Certificates that include a warranty just in case the certificate was issued incorrectly, meaning issued to a third-party site that did not properly get verified and caused the end-user harm. Our warranties start at $10,000 and go all the way to $1,500,000. You can see the specific warranty information on every product page. Warranties protect the end-user by guaranteeing that the SSL certificate was issued to the appropriate party. Warranties are important when considering an SSL certificate purchase; it means that the issuing vendor is standing behind their certificate and its validation methods. Be wary of any certificate that does not offer some kind of warranty. We strongly recommend only purchasing SSL Certificates from reputable Certificate Authorities (CA); such as CERTUM, Symantec, RapidSSL, GeoTrust, Thawte, or Comodo.
Question: If I change the IP address for my webserver, does this matter?
Answer: An SSL Certificate is issued to a domain name and not an IP address. So, as long as your webserver is hosting the domain name for which your SSL certificate has been issued, the IP address doesn’t matter.