What are Security Certificates and what are they used for?
Security Certificates are a method of establishing trust and encrypting communication between different entities on a network
An entity can be a person or a computer
Certificates are issued to each entity, much like an identification card might be issued to each member of an organization
Each Certificate must be signed by a Certificate Authority, often referred to as the CA
Every certificate signed by the CA will trust every other certificate that is also signed by the same CA
When two certificates trust each other, they can be used to encrypt a connection
This is especially important when transmitting a username and password across the internet
Each service provided by Computerisms will use Security Certificates to encrypt network connections
Sites you visit that have https:// in the address bar are secured by a certificate
So why do I get a Security Certificate Warning?
Certificate warnings can be caused by several factors, but the most important thing to know is that just because you see a warning does not mean the site is not secured
One possible reason for the Certificate Warning is that your computer does not know the origin of the certificate on the server
When you go to an https enable site that does not show the warning, it is because a purchased certificate on the server and a certificate on your computer have been signed by the same CA
When one generates his own Certificates instead of purchasing them, as Computerisms does, they are considered Self-Signed.
Since Computerisms doesn't pay the fees to have its certificates signed by the same CA used by your computer, your computer will not trust the server's certificate
A person with the right knowledge can set up a system that is just as secure at a fraction of a fraction of the cost of purchasing certificates
Using paid Certificates on a Hosting Server that is hosting many domains is prohibitively expensive
Since your computer cannot verify the origin of the certificate on the server, it cannot establish a trust relationship with the server
The warning will inform you that the certificate on the server cannot be trusted because its origins cannot be confirmed
Since you know the origins of the certificate (It comes from Computerisms), you can override your computer's paranoia
By temporarily overriding the warning, you instruct your computer to trust the certificate on the server
Once the trust is established, then the certificates can be used to encrypt the communication so your password is not transmitted in clear text
Another reason a security certificate warning might pop up is a mismatched address
If you arrive at the site by a name that is different than the one on the certificate, your computer will warn you that the address in your address bar is not the same as the address on the certificate.
Remember, regardless of the warning, when you instruct your computer to trust the certificate, encryption will still happen. So long as you know the certificate, even if your computer doesn't, you will be sending your passwords over the internet encrypted, so people can't see it. You should not send a password on an unencrypted connection.
Okay, Now I know why, but what do I do about it?
If one extra click every time you use a Computerisms Service does not seem unreasonable, then one viable option is to do nothing
In some cases, the problem can be solved on the server.
If for example you wish to run an online store, you will need to purchase your own certificate
In the case of providing encrypted services in a hosting environment, purchasing certificates is very cost prohibitive
it is better to have a certificate and a warning than it is to have no certificate at all
While Security Certificates are an open standard, implementation varies quite a bit depending on the browser and platform it runs on
While disabling Name Matching might seem a convenient thing, keep in mind that this disables the security warning, meaning you won't get a warning when you do connect to a disreputable site
Internet Explorer - Importing Certificate Authority
The easiest way to install a certificate is using Internet Explorer
Open your start menu and choose "All Programs"
In the list, right click Internet Explorer
In the menu, choose "Run as Administrator"
If you are presented with a window confirming the program should be allowed to make changes to your computer, select Yes