 |
SSL Certificates FAQ
|
|
|
SSL Services
Questions
What is the
VeriSign Certificate Center?
Which
VeriSign SSL Certificates are capable of 128-bit encryption?
Which
VeriSign SSL Certificates are capable of 256-bit encryption?
Which
VeriSign SSL Certificates display the green address bar in high security
browsers?
Which
VeriSign services are available to companies located outside the U.S.?
Can
I share SSL Certificates on multiple servers with the same domain name?
How
do I speed up SSL processing?
What
is Managed PKI for SSL?
Can
I purchase multiple certificates without buying Managed PKI for SSL?
What
are the responsibilities of the administrator for Managed PKI for SSL?
What
if someone from my organization orders a certificate directly from VeriSign
rather than from our Managed PKI for SSL administrator?
Do
I need software or hardware to manage SSL Certificates with Managed
PKI for SSL?
Answers
What is the VeriSign Certificate
Center?
The VeriSign Certificate
Center is a personalized, self-service console that makes purchasing and
managing SSL Certificates fast and easy. This complimentary service
gives you the ability to administer single or multiple certificates
from a centralized location with complete and secure access to all certificate
management functions, including order status, certificate details, renewal
and revocation, and stored contact and payment information.
Which VeriSign SSL Certificates
are capable of 128-bit encryption?
All VeriSign SSL Certificates
are capable of 128-bit SSL encryption as long as users have the right
browser and operating system.
Millions of Internet users worldwide use browsers
that will not connect at 128-bit encryption unless there is an SGC-enabled
certificate on the server. Other SSL providers claim to offer '128-bit
certificates,' but they do not offer 128-bit SSL encryption to the most
possible site visitors. VeriSign (including its subsidiaries, affiliates,
and resellers) is the leading SSL provider to offer SGC-enabled SSL
Certificates, which provide 128- or 256-bit encryption to over 99.9%
of Web site visitors. (SGC:
Strongest SSL Encryption.)
Which VeriSign
SSL Certificates are capable of 256-bit encryption?
All VeriSign SSL Certificates offer 256-bit
encryption if the browser and server software both support SSL encryption
at this level. Some browsers (such as Mozilla Firefox) and servers are
capable of 256-bit SSL encryption. When 256-bit-capable browsers and
servers connect to each other, all VeriSign SSL Certificates enable
a 256-bit session. A number of leaders in the e-commerce space use VeriSign
SSL Certificates to enable 256-bit SSL sessions today.
Which VeriSign
SSL Certificates triggers the green address bar in high security browsers?
To trigger the green address bar, an SSL Certificate
must meet the Extended Validation Standard. VeriSign offers several
'EV' SSL Certificates:
Secure
Site Pro with EV: True 128-bit SSL with Extended Validation
Managed
PKI for SSL Premium with EV: True 128-bit SSL with Extended
Validation
Which VeriSign services are
available to companies located outside the U.S.?
VeriSign SSL Certificates are
available for purchase worldwide. If your business or servers are located
outside the United States, you can purchase our certificates from a
VeriSign affiliate in your country, purchase Secure Site or Secure Site
Pro SSL
Certificates online directly from VeriSign, or contact
our sales department for Managed PKI for SSL services.
Can I share SSL Certificates
on multiple servers with the same domain name?
The VeriSign subscriber agreement
prohibits customers from using a certificate on more than one physical
server or device at a time, unless the customer has purchased the Licensed
Certificate Option. VeriSign’s licensing policy allows licensed certificates
to be shared in the following configurations: redundant server backups,
server load balancing and SSL accelerators. See Licensing VeriSign Certificates:
Securing Multiple Web Server and Domain Configurations for more information.
How do I speed up SSL processing?
You can ensure optimal Web site
performance with an SSL acceleration device. SSL accelerators improve
Web site efficiency during peak times and improve SSL processing to
prevent delays. If the SSL accelerator contains a certificate pointing
to multiple servers, the customer must purchase additional licences
for each server pointed to in the server farm. Learn more about SSL
Accelerators.
What is Managed PKI for SSL?
Managed
PKI for SSL is a service to purchase, issue and manage multiple
SSL Certificates. It is recommended for any organisation with more than
5 certificates. Your administrator buys multiple standard or true
128-bit SSL Certificates and issues them instantly as needed
to servers or domains using our Web-based management interface.
Can I purchase multiple certificates
without buying Managed PKI for SSL?
You can purchase as many SSL
Certificates as you need without Managed PKI for SSL, but managing enrolment,
issuance and renewals of multiple certificates one-by-one is tedious
and time-consuming. The Managed PKI for SSL single point of control
gives you one interface with audit logs to manage certificates for your
whole organisation. When you purchase certificates in multiples, you
may save 20% to 40% or more (depending on the number and type of certificates
purchased). Each certificate’s validity period begins when it is issued
by the Managed PKI for SSL administrator. See 10
Tips for Managing Multiple Servers for more information.
What are the responsibilities
of the administrator for Managed PKI for SSL?
The administrator for Managed
PKI for SSL becomes the SSL Certificate Authority (CA) for your domain.
Using the Web-based MPKI for SSL Control Center, the administrator can
issue, renew and revoke certificates. The administrator also manages
access privileges and can customise enrolment pages. VeriSign manages
the back-end services in our state-of-the-art facilities.
What if someone from my organisation
orders a certificate directly from VeriSign rather than from our Managed
PKI for SSL administrator?
During enrolment, VeriSign compares
the domain name listed in the Certificate Signing Request (CSR) to the
domains associated with all Managed PKI for SSL accounts. If someone
from your organisation applies to VeriSign directly for a certificate,
we notify the user that your organisation already has a Managed PKI
for SSL account and present the user with the option of continuing with
either the "retail" enrolment path or the Managed PKI for
SSL enrolment path associated with that domain name. “Domain blocking,”
an optional feature for Managed PKI for SSL customers, will disable
the retail enrolment path.
Do I need software or hardware
to manage SSL Certificates with Managed PKI for SSL?
A Web browser with access to the Internet is
the only thing your organisation needs to use Managed PKI for SSL or
Managed PKI for Intranet SSL. VeriSign provides the rest. Managed PKI
for SSL service components are accessed using SSL encryption and 2-factor
authentication.
|
|
