What is a secure server
certificate and what does it do?
A secure server certificate (also called simply
a "cert") resides on a Web server. Combined with the
security components built into the Web server and the visitor's
Web browser, the secure server certificate provides the following
functions for secure e-commerce transactions:
 |
Provides confirmation
to a Web site visitor's browser that the company represented
by the current domain being visited (somecompany.com)
is, in fact, the company listed in the certificate. This
prevents someone from just setting up a Web site and claiming
they are your company and accepting payments from visitors. |
|
Sends all confidential
information (such as credit card information) from the
visitor's browser to the Web server in a secure mode using
encryption technology that prevents this information from
being easily intercepted and used. This prevents someone
from obtaining the confidential information during the
transmission to the Web server. |
The above two functions are performed automatically
by Web server and browser without any intervention required by
the user.
Do I need a secure server
certificate?
Determining whether you need a secure server
certificate is really very simple. You will need a certificate
if the following applies:
You want your customers to transfer
confidential information using any form of your domain name,
like yourdomain.com, secure.yourdomain.com, etc. Certificates
are issued on a per-domain name basis and provide confirmation
that the domain being visited is owned by the company listed
in the certificate. It is highly recommended that you obtain
your own secure server certificate; it is the only way your
customers can know that they are doing business with your company.
You will not need a secure server certificate
if the following applies:
You will be using someone else's
certificate. This will apply if you use the shared
secure server that may be offered by your Web host provider,
you use the shared secure server offered by a third-party online
store and shopping cart service like Yahoo!, RS Mall, iCat,
etc., or you use the shared secure server offered by your payment
system/gateway that usually is included with your merchant account
(like Authorize.net). Remember, if you do not have your own
certificate, your customers will not be able to confirm that
they are doing business with your company. For example, if you
use the shared server certificate offered by your Web host provider,
the only thing that can be confirmed by the customer is that
the Web host provider is who they claim to be.
How do I obtain a certificate?
To obtain a Secure
Server Certificate, complete the following 3 steps:
- Order/create
your CSR (certificate signing request). A CSR is required
before ordering a certificate from one of the Certifying Authorities
(Verisign, Thawte, or Geotrust). The following information
is required to create your CSR:
- Your domain
name
- The official
name of your business or organization
- Your business
or organization's mailing address
- A contact
e-mail adddress
- Submit your CSR
and order your certificate from the CA of your choice--Verisign,
Thawte, or Geotrust.
- Order installation
of your certificate using FutureQuest's
order form.
ORDER
NOW
|
