Security Certificates: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
==What are Security Certificates and what are they used for? | ==What are Security Certificates and what are they used for?== | ||
*Security Certificates are a method of establishing trust and encrypting communication between different entities on a network | *Security Certificates are a method of establishing trust and encrypting communication between different entities on a network | ||
**An entity can be a person or a computer | **An entity can be a person or a computer |
Revision as of 15:52, 2 August 2012
What are Security Certificates and what are they used for?
- Security Certificates are a method of establishing trust and encrypting communication between different entities on a network
- An entity can be a person or a computer
- Certificates are issued to each entity, much like an identification card might be issued to each member of an organization
- Each Certificate must be signed by a Certificate Authority, often referred to as the CA
- Every certificate signed by the CA will trust every other certificate that is also signed by the same CA
- When two certificates trust each other, they can be used to encrypt a connection
- This is especially important when transmitting a username and password across the internet
- Each service provided by Computerisms will use Security Certificates to encrypt network connections
- Sites you visit that have https:// in the address bar are secured by a certificate
So why do I get a Security Certificate Warning?
- Certificate warnings indicates that your computer does not know the origin of the certificate on the server
- When you go to an https enable site that does not show the warning, it is because the certificate on the server and a certificate on your computer have been signed by the same CA
- Since Computerisms doesn't pay the hefty fees to have its certificates signed by a CA used by your computer, it cannot verify if the origins of the certificate on the server are legitimate
- Since your computer cannot verify the origin of the certificate on the server, it cannot establish a trust relationship with the server
- The warning will inform you that the certificate on the server cannot be trusted because its origins cannot be confirmed
- Since you know the origins of the certificate (It comes from Computerisms), you can override your computer's paranoia
- By temporarily overriding the warning, you instruct your computer to trust the certificate on the server
- Once the trust is established, then the certificates can be used to encrypt the communication so your password is not transmitted in clear text
- Certificates can be purchased for the server so the warning doesn't appear in your browser, but they are prohibitively expensive for our hosting environment
- Certificates in general are very very expensive in proportion to the effort required to make them.
- Computerisms can make certificates that will encrypt a connection every bit as good as a paid certificate for a small fraction of the cost
- Certificates generated by Computerisms will not be automatically trusted by your computer, and therefor will always show you the certificate warning
- In the case of Computerisms and its customers, we can manually establish our trust, which in turn allows encryption of our passwords
- Despite the warning, the encryption is still taking place on our system
- Said another way: Security certificates are still securing your transmission, even though the warning might make you think otherwise.
- Despite the warning, the encryption is still taking place on our system
- Computerisms Certificates can be installed on your machine in such a way that your computer will trust the Computerisms certficates
- If you do not want to see the warning at every page, then please follow these instructions
Importing the Computerisms Certificate Authority
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|
|
| |
|