SSL Certificate Introduction and Cheap SSL Certificate

Previously, Aiba introduced:

Free SSL and Cheap SSL Certificates

Introduction to SSL and TLS

Secure Sockets Layer (SSL), a security protocol, was proposed by Netscape when it launched the first version of the Web browser. Its purpose is to provide security and data integrity for network communications. SSL encrypts network connections at the transport layer.

SSL uses public key technology to ensure the confidentiality and reliability of communications between two applications, preventing communications between client and server applications from being eavesdropped by attackers. It can be supported on both the server and the client, and has become the industry standard for confidential communications on the Internet. Current web browsers also generally combine HTTP and SSL to achieve secure communications. The successor to this protocol is TLS.

IETF (www.ietf.org) standardized SSL, namely RFC2246, and called it TLS (Transport Layer Security). The latest version is RFC5246, version 1.2. Technically speaking, the differences between TLS 1.0 and SSL 3.0 are very minor.

TLS uses secret key algorithms to provide endpoint authentication and communication confidentiality on the Internet, and its foundation is the public key infrastructure (PKI). However, in typical implementations, only the network server is reliably authenticated, and not necessarily its clients. This is because public key infrastructure is generally operated commercially and electronic signature certificates usually need to be purchased for a fee. The protocol is designed to some extent to prevent eavesdropping, tampering, and message forgery in the master-slave architecture application communication itself.

Main uses of SSL and TLS certificates

1. Confirm the authenticity of the website (website identity authentication): Users need to log in to the correct website for online shopping or other transactions. However, due to the extensiveness and openness of the Internet, there are many fake and phishing websites on the Internet. How can users judge the authenticity of the website and how can they trust the website they are visiting? Trusted websites will help you confirm the identity of the website.

2. Ensure the confidentiality of information transmission: When users log in to a website to shop online or conduct various transactions, they need to transmit information to the server multiple times. Much of this information is the user's privacy and confidential information, which directly involves economic interests or privacy. How to ensure the security of this information? Trusted websites will help you establish a secure encrypted channel for information transmission.

SSL Certificate Certification Level

According to the level of certificate authentication, SSL certificates can be divided into three types: DV, OV and EV:

1. DV is the abbreviation of Domain Validation, which means verifying the ownership of the website domain name. The CA certification agency will send a corresponding email to the domain name holder's email address to confirm the ownership relationship between the certificate and the domain name. Its characteristics are simplicity, speed and low price. Its disadvantage is that it cannot guarantee the identity of the website operator. Therefore, it is generally only used to provide data encryption functions and is a Class 1 verified certificate.

2. OV is the abbreviation of Organization Validation. When this certificate is issued, it will verify the identity of all units on the website and the ownership of the domain name. Therefore, general e-commerce websites often do OV certification. Of course, the price will be more expensive, and the certificate issuance cycle will be longer. It is a Class 2 or Class 3 verified certificate.

3. EV is the abbreviation of Extended Validation, which is the most stringent identity authentication. This certificate verifies the certificate applicant's ownership of the domain name, as well as detailed corporate/organization-related information. When a user visits a website that has passed EV certification, the browser display is green. Of course, the price is also quite expensive, and it is a Class 4 verified certificate.

The above domain name certificates generally support one or more domain names. There is also a type of SSL certificate that supports multiple subdomains, which is the Wildcard SSL Certificate.

Foreign SSL Certificate Providers

(1) StartSSL.com StartCom provides free StartSSL (Class 1) certificates, which are valid for one year and can be renewed free of charge upon expiration. Its root certificate has long been supported by some browsers with open source backgrounds (Firefox, Google Chrome, Apple Safari, etc.).

(2) CheapSSLs.com specializes in SSL certificates for major companies. The prices are relatively affordable. The cheapest Comodo PositiveSSL is $4.99/year (a special price of $24.95/5 years if you buy five years), and GeoTrust RapidSSL is $7.99/year (a special price of $31.96/4 years if you buy four years). You can also use the 10% discount code MissedYou.

(3) RapidSSL.com RapidSSL has its own root certificate and is a true SSL digital certificate issuing unit (Certificate Authority) that provides the world's most cost-effective single root and stable 128/256-bit digital certificates.

(4) PositiveSSL.com COMODO has passed strict reviews based on the WebTrust standard and has passed every time, making it an SSL certificate provider you can trust. Only after passing the WebTrust international security audit certification can the root certificate be pre-installed in mainstream browsers and become a globally trusted certification agency.

(5) AlphaSSL (Standard/Wildcard) is an information security product of GlobalSign, a world-renowned SSL certificate issuing authority. It is a professional SSL certificate provider that provides SSL certificates at super low prices. AlphaSSL has many years of service experience in the SSL certificate industry, and provides services to SSL certificate users around the world at low prices and high-quality services to meet the needs of the low-end SSL user market. At the same time, it is also a highly reliable SSL certificate that supports 256-bit encryption. Buy AlphaSSL Wildcard/Standard for $15/year.

via: http://qiaodahai.com/cheapest-ssl-certificates.html