Published on Digi-Sign, The Certificate Corporation (http://www2.digi-sign.com)

By Digi-Sign
Created Feb 22 2008 - 15:16

SSL Security Guide

Why do you need security for your server?

The Internet has created many new global business opportunities for enterprises conducting online commerce. However, the many security risks associated with conducting e-commerce have resulted in security becoming a major factor for online success or failure.

Over the past 7 years, consumer magazines, industry bodies and security providers have educated the market on the basics of online security. The majority of consumers now expect security to be integrated into any online service they use; as a result, they expect any details they provide via the Internet to remain confidential and integral. For many customers, the only time they will ever consider buying your products or a service online is when they are satisfied their details are secure.

This guide explains how you can utilize Digi-SSL™ [2] to activate the core security technology available on your existing web server. You will also learn how Digi-SSL™ allows you to protect your customer's transactions and provide visitors with proof of your digital identity – essential factors in gaining confidence in your services and identity.

Using Digi-SSL™ Certificates to secure your online transactions tells your customers you take their security seriously. They will see that their online transaction is secure, confidential and integral, which gives them the confidence that you have removed the risk associated with trading over the Internet.


Using Security helps you realize the benefits of online commerce:

  • Cost effectiveness of online operations and delivery
  • Open global markets – gain customers from all over the world
  • New and exciting ways of marketing directly to your customers
  • Offer new data products and services via the Web



Only if you have visibly secured your site with SSL security technology will your customers have confidence in your online operations. Read on to learn how SSL helps you achieve the confidence essential to successful e-commerce.

What is SSL?

What is Secure Sockets Layer?

Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browser remains private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers. In order to be able to generate an SSL link, a web server requires an SSL Certificate.

When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website (e.g. your website's URL) and your company (e.g. your company's name and location).


Private and Public Key

Your web server then creates two cryptographic keys – a Private Key and a Public Key. Your Private Key is so called for a reason – it must remain private and secure. The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR [3]) – a data file also containing your details. You should then submit the CSR during the SSL Certificate application process to Digi-Sign, the Digi-SSL™ Certification Authority, who will validate your details and issue an SSL Certificate containing your details and allowing you to use SSL.

Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer's web browser.


NOTE: For detailed application and installation instructions please refer to our Digi-SSL™ Support Centre.

Displaying SSL

Displaying the SSL secure padlock

The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session – the Padlock:

IMAGE



As seen by users of Internet Explorer
Clicking on the Padlock displays your SSL Certificate and your details:

IMAGE



All SSL Certificates [4] are issued to either companies or legally accountable individuals. Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiry date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, that it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user.


Why should you use a Digi-SSL™ certificate?

Digi-Sign, the Certification Authority behind Digi-SSL™, is one of the fastest growing SSL Providers in the world. Unlike other Certification Authorities, Digi-Sign does not just provide SSL Certificates – they are a world-renowned security and cryptography service provider. When you are a customer of Digi-Sign, you can feel safe knowing that your website security is provided by experts. Digi-SSL™ Certificates are the most cost-effective fully validated and fully supported 128 bit SSL Certificates you can buy today! You can contact the technical support team between 7:30am - 16:00pm GMT (soon to be 24 hours). You can also feel safe in the knowledge that Digi-Sign will validate your application in accordance with the latest digital signature [5] legislation pertaining to Qualified Certificates. This validation is done effectively and quickly, ensuring you need not wait the traditional 3 working days normally associated with a fully validated SSL Certificate.

For Apache


NOTE: For detailed application and installation instructions please refer to section 'Step by step instructions to set up SSL on your web server' of this guide.


Certificate SSL

Why should you use a Digi-SSL™ certificate?

Digi-Sign, the Certification Authority behind Digi-SSL™, is the fastest growing SSL Provider in the world. Unlike other Certification Authorities, Digi-Sign does not just provide SSL Certificates [4] – they are a world-renowned security and cryptography service provider. When you are a customer of Digi-Sign, you can feel safe knowing that your website security is provided by experts. Digi-SSL™ Certificates are the most cost-effective fully validated and fully supported 128 bit SSL Certificates you can buy today! You can contact the technical support team between 7:30am - 16:00pm GMT (soon to be 24 hours). You can also feel safe in the knowledge that Digi-Sign will validate your application in accordance with the latest digital signature [5] legislation pertaining to Qualified Certificates. This validation is done effectively and quickly, ensuring you need not wait the traditional 3 working days normally associated with a fully validated SSL Certificate.

Digi-SSL™ boasts industry leading browser ubiquity – comparable to Verisign and Thawte, however without the costs associated with other SSL Providers. Digi-SSL™ Certificates are compatible with over 99% of browsers – including Internet Explorer 5.00 and above, Netscape 4.5 and above, AOL 6 and above and Opera 5.00 and above.


Digi-SSL™ benefits summary:

Digi-SSL™ Certificates are the most cost effective SSL Certificates you can buy which include:

  • Full validation conducted quickly – in many cases you can expect your SSL Certificate to be issued within hours
  • Telephone, email, web support available 7:30am - 16:00pm GMT
  • Over 99% browser compatibility
  • 128-bit strong encryption security

Digi-SSL™ Certificates provide you with the key to successfully using SSL on your web server.



Testing your web server before you buy.

Try a Digi-SSL Trial™ Certificate for FREE

Trial SSL Certificates provide full SSL functionality for 14 days and are fully supported by our expert technical support staff. Unlike test Certificates from other CAs [6], Digi-SSL Trial™ Certificates are issued using the same Trusted Root CA that issues our end-entity SSL Certificates and provides 99% browser ubiquity, and NOT by a different test CA. This unique service helps you fully test your system prior to your live roll out.

Trial SSL Certificates are ideal for anyone requiring proof of ease of installation, confirmation of high quality technical support and also confirmation of compatibility with the majority of the browsers that exist today. Trial SSL Certificates are also ideal for practicing with Certificates and learning about SSL implementation before committing to installing a Certificate on your live system.

Get your free 14-day Digi-SSL Trial™ Certificate from
https://www.digi-sign.com/product/digi-ssl [7]

Step by Step instructions

Step by step instructions to set up SSL on your Apache web server

There are four stages to set up SSL on your Apache web server:

    1. Create a Certificate Signing Request (CSR [3])
    2. Apply online for a Digi-SSL™ Certificate
    3. Install a Digi-SSL™ Certificate
    4. Display a Secure Digi-Seal™ Site Seal



Create a Certificate Signing Request (CSR)

A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrolment process:


Generate keys and certificate:

To generate a private key and the matching Certificate Signing Request (CSR) for a web server named "server", use the following command:

    128-bit Certificate:

    openssl req -new -newkey rsa:1024 -keyout myserver.key -nodes -out server.csr

    40-bit Certificate:

    openssl req -new -newkey rsa:512 -keyout myserver.key -nodes -out server.csr


This creates two files: myserver.key and server.csr. The file myserver.key contains a private key; do not disclose this file to anyone. Carefully protect the private key.

In particular, be sure to backup the private key, as there is no means to recover it should it be lost. The private key is used as input in the command to generate a Certificate Signing Request (CSR).

You will now be asked for the details to be included in your CSR.

What you are about to enter is what is called a Distinguished Name or a DN.

For some fields there will be a default value. If you enter '.', the field will be left blank.

    -----
    Country Name (2 letter code) [AU]: GB
    State or Province Name (full name) [Some-State]: Yorks
    Locality Name (eg, city) []: York
    Organization Name (eg, company) [Internet Widgits Pty Ltd]: MyCompany Ltd
    Organizational Unit Name (eg, section) []: IT
    Common Name (eg, YOUR name) []: mysubdomain.mydomain.com
    Email Address []:

    Please enter the following 'extra' attributes to be sent with your certificate request

    A challenge password []:
    An optional company name []:
    -----



Use the name of the web server as Common Name (CN). If the domain name is mydomain.com append the domain to the hostname (use the fully qualified domain name).

The fields email address, optional company name and challenge password can be left blank for a web server certificate.

Your CSR will now be created. Open the server.csr in a text editor and copy and paste the contents into the online enrolment form when requested.
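A non-interactive form of the CSR step, with checks to run before the CSR is pasted into the enrolment form. This is an added example, not part of the Digi-Sign guide. It defaults to a 2048-bit RSA key, the minimum that publicly trusted CAs accept today (the 1024-bit and 512-bit sizes above reflect practice when the guide was written); the function names and subject values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the Digi-Sign guide. Subject values, file names and
# function names are constructed for illustration.

# make_csr DIR FQDN [BITS]: write DIR/myserver.key and DIR/server.csr without
# the interactive Distinguished Name prompts.
make_csr() {
    (
        # umask 077 creates the key file readable by its owner only, so there
        # is no window in which other users can read it.
        umask 077
        openssl req -new -newkey "rsa:${3:-2048}" -nodes \
            -keyout "$1/myserver.key" -out "$1/server.csr" \
            -subj "/C=GB/ST=Yorks/L=York/O=MyCompany Ltd/OU=IT/CN=$2" \
            2>/dev/null
    )
}

# csr_key_bits CSR: print the size of the public key carried in the CSR.
csr_key_bits() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public-Key: (\([0-9]*\) bit).*/\1/p'
}

# csr_common_name CSR: print the Common Name from the CSR subject.
# RFC2253 output puts CN first, in a format stable across OpenSSL versions.
csr_common_name() {
    openssl req -in "$1" -noout -subject -nameopt RFC2253 2>/dev/null |
        sed -n 's/^subject= *CN=\([^,]*\).*/\1/p'
}

# csr_matches_key CSR KEY: succeed if the CSR carries the public half of KEY.
csr_matches_key() {
    csr_pub=$(openssl req -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$csr_pub" ] && [ "$csr_pub" = "$key_pub" ]
}

# check_csr CSR KEY FQDN: print "ok", or the name of the first failed check.
check_csr() {
    # The CSR is signed with the private key; a damaged or partial paste of
    # the file fails this self-signature check.
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK' ||
        { echo bad-signature; return 1; }
    csr_matches_key "$1" "$2" || { echo key-mismatch; return 1; }
    bits=$(csr_key_bits "$1")
    [ "${bits:-0}" -ge 2048 ] || { echo weak-key; return 1; }
    [ "$(csr_common_name "$1")" = "$3" ] || { echo cn-mismatch; return 1; }
    echo ok
}

# Usage: make_csr /etc/ssl/crt mysubdomain.mydomain.com &&
#        check_csr /etc/ssl/crt/server.csr /etc/ssl/crt/myserver.key \
#                  mysubdomain.mydomain.com
```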

Online Certificate

Apply online for a Digi-SSL™ Certificate

Visit https://www.digi-sign.com/product/digi-ssl [7] and select your SSL Certificate product type. You will be required to submit the CSR [3] into a web form. When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrolment form. When you view your CSR it will appear something like:

IMAGE



Be sure to copy the CSR text in its entirety into the application form, including the:

IMAGE



Install a Digi-SSL™ Certificate

    Step one: Copy your certificate to file

    You will receive an email from Digi-Sign with the certificate in the email (yourdomainname.cer). When viewed in a text editor, your certificate will look something like:

    IMAGE



    Copy your Certificate into the directory that you will be using to hold your certificates. In this example we will use /etc/ssl/crt/. Both the certificate and private key files will then be in this directory. The private key used in the example will be labeled private.key and the certificate, which carries the public key, will be yourdomainname.cer.

    It is recommended that you make the directory that contains the private key file only readable by root.

    Step two: Install the Intermediate Certificates

    You will need to install the chain certificates (intermediates) in order for browsers to trust your certificate. As well as your SSL certificate (yourdomainname.cer) two other certificates, named UTN-USERFirst-Hardware.crt and Digi-SignCADigi-SSLXp.crt or Digi-SignCADigi-SSLXs.crt, are also attached to the email from Digi-Sign.

    Apache users will not require these certificates. Instead you can install the intermediate certificates using a 'bundle' method.

    In the Virtual Host settings for your site, in the httpd.conf file, you will need to complete the following:

      1. Copy this ca-bundle file to the same directory as httpd.conf (this contains all of the CA certificates in the chain).

      IMAGE


Apply online Certificate II

Install the Intermediate Certificates

Add the following line to the SSL section of the httpd.conf (assuming /etc/httpd/conf is the directory to where you have copied the ca.txt file). If the line already exists, amend it to read the following:

    SSLCACertificateFile /etc/httpd/conf/ca-bundle/ca.txt



If you are using a different location and certificate file names you will need to change the path and filename to reflect your server.

The SSL section of the updated httpd config file should now read similar to this example (depending on your naming and directories used):

    SSLCertificateFile /etc/ssl/crt/yourdomainname.cer
    SSLCertificateKeyFile /etc/ssl/crt/private.key
    SSLCACertificateFile /etc/httpd/conf/ca-bundle/ca_new.txt

Save your httpd.conf file and restart Apache.
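Before restarting Apache, the installed files can be checked against the same conditions a browser applies (not expired, issued by a trusted CA, used by the site it was issued for), plus the certificate-to-private-key match described earlier. This is an added example, not part of the Digi-Sign guide; the function names and the throwaway CA built by `make_demo_pki` are constructed so the script runs offline.

```shell
#!/bin/sh
# Added example, not from the Digi-Sign guide. All names are constructed.

# make_demo_pki DIR FQDN: constructed fixture. Builds a throwaway CA (ca.txt)
# and a leaf certificate (yourdomainname.cer, private.key) signed by it.
make_demo_pki() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Constructed Demo CA" \
        -keyout "$1/ca.key" -out "$1/ca.txt" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/private.key" -out "$1/server.csr" 2>/dev/null || return 1
    printf 'subjectAltName=DNS:%s\n' "$2" > "$1/san.ext"
    openssl x509 -req -in "$1/server.csr" -CA "$1/ca.txt" -CAkey "$1/ca.key" \
        -CAcreateserial -days 30 -extfile "$1/san.ext" \
        -out "$1/yourdomainname.cer" 2>/dev/null
}

# cert_matches_key CERT KEY: the certificate must carry the public half of
# the private key, otherwise the server cannot use the pair.
cert_matches_key() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# not_expired CERT: succeed if the certificate is still within its validity.
not_expired() {
    openssl x509 -in "$1" -noout -checkend 0 >/dev/null 2>&1
}

# chain_ok CERT BUNDLE: succeed if CERT verifies against the CA bundle file.
# The printed result is matched because old OpenSSL releases exit 0 on failure.
chain_ok() {
    openssl verify -CAfile "$2" "$1" 2>/dev/null | grep -q ': OK$'
}

# host_ok CERT FQDN: succeed if the certificate was issued for this host name.
host_ok() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep -q 'does match'
}

# preflight CERT KEY BUNDLE FQDN: print "ok" or the first failed check.
preflight() {
    cert_matches_key "$1" "$2" || { echo key-mismatch; return 1; }
    not_expired "$1"           || { echo expired; return 1; }
    chain_ok "$1" "$3"         || { echo untrusted-issuer; return 1; }
    host_ok "$1" "$4"          || { echo hostname-mismatch; return 1; }
    echo ok
}

# Usage with the paths from this guide:
#   preflight /etc/ssl/crt/yourdomainname.cer /etc/ssl/crt/private.key \
#             /etc/httpd/conf/ca-bundle/ca.txt mysubdomain.mydomain.com
```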



Display a Secure Digi-Seal™ Site Seal

As a valued Digi-SSL™ customer we encourage you to display the Digi-SSL™ secure site seal to help promote your secure site to customers. The secure site seal is free to all Digi-SSL™ customers.

Contact us to discuss our Digi-Seal™ technology and how providing real-time identity assurance can help establish even more confidence and trust with your customers.

Certificate Classes

Different Classes of Digi-SSL™ Certificates

There are four main classes of Digi-SSL™ Certificate and these are explained in the following sub sections:

    Digi-SSL™ Xs
    Digi-SSL™ Xp
    Digi-SSL™ Xg

Digi-SSL™ Xs

The Digi-SSL™ Xs is for low/no value transactions. For corporate users and commercial websites the Digi-SSL™ Xp or higher class Digi-SSL™ is recommended. The Digi-SSL™ Xs should only be used to authenticate your site to visitors and although technically it can also be used for encrypting data submitted through the site, without the additional insurance cover offered by the higher classes of Digi-SSL™ the value of the transaction is not important.

The Digi-Sign Certificate Practice Statement [CPS] [8] v3.7, Sub section 2.4.1.a and 5.32.1 both state that the maximum warranty associated with a Digi-SSL™ Xs certificate is €0.01. So if your information is worth more than €0.01 and you require warranty protection, you should only use the Xs Certificate to authenticate your website. This does not mean you can’t use the Xs for encrypting data, it only means that in the event of a fault in the Digi-SSL™, you have no warranty.

Digi-SSL™ Xp

The maximum warranty associated with the Digi-SSL™ Xp or Xg Certificate is €10,000. The Certificate Practice Statement [8] v3.7, Sub section 2.4.1.b and 5.32.2, both state clearly that this is for corporate or professional use and carries a warranty in the event of failure.

Other differences between Xp/Xg and Xs:

  • Xp/Xg Certificates are replaced free of charge any time during their life cycle. Xs are not.
  • Xp/Xg Certificates provide telephone support. Xs do not.
  • Xp/Xg are issued with the secure Digi-Seal™ for displaying on your website. Xs are not.

Digi-SSL™ Xg ‘Wildcard’

Digi-SSL™ Xg Certificates are only supplied in specific cases where multiple hosting specifications require flexible naming within the Digi-SSL™. This specialist configuration can include multiple Common Names within the same Certificate, wildcard facilities or a combination of these requirements.

Extended Validation

Digi-SSL™ Xe Extended Validation SSL [EV SSL]

Digi-SSL™ Xe Certificates are Extended Validation SSLs [EV SSLs] and were released into the market in 2007 in response to the new initiative from Microsoft® and IE7.0, where the presence of a Digi-SSL™ Xe on the server causes the IE7.0 address bar to turn green as a means of indicating to the user that the SSL is a high assurance EV SSL.

Extended Validation SSL Certificates [4] give high security Web browsers information to clearly identify a website’s identity. When a user with Microsoft® Internet Explorer 7 visits the website, the address bar turns green. A display next to the green bar will toggle between the organization name listed in the certificate and the Certificate Authority [6] (Digi-Sign, for example). Firefox and Opera have announced their intention to support EV SSL in upcoming releases. Older browsers will display the EV SSL Certificate just as they do existing SSLs (i.e. no discernible difference, but equally, no errors are caused).

The benefits of EV SSL are easily understood when high profile incidents of fraud and phishing scams and concerns about identity theft are considered. Before the user enters sensitive data, they want proof that the website can be trusted and that their information will be encrypted. Without it, they may decide not to do business with your site. High security browsers and EV SSL Certificates provide the assurance of extended third-party verification combined with a clear visual display that gives consumers the confidence they need to do business with you.

The high assurance that EV SSL offers the website user is a competitive advantage on the internet. For organizations with a high profile, using EV SSL is the most effective defense against phishing and other Internet scams. When users see the green bar and the name of the SSL vendor, their confidence in the security and integrity of the site is naturally improved.

Digi-ISP™ Service

Digi-ISP™ Xs and Xp Service


  • Digi-ISP™ Service Xs

    The Digi-ISP™ Service is almost identical to the Digi-SSL™ Service but with one important distinction: the Internet Service Provider [ISP] conducts the validations [9] process under license from Digi-Sign. Once the AACD™ Contract [10] between the ISP and Digi-Sign is signed, the ISP then has the ability to issue Digi-SSL™ Certificates to any domain it chooses.

    This Service is not limited to ISPs and can include Information & Communication Technology [ICT] companies and IT Professionals that need the flexibility and convenience that Digi-ISP™ Service Xs offers.

    The Digi-ISP™ Service Xs can be operational in a matter of days (depending on the level of customization required) and there is little or no training required as it has been designed so that even ‘non-technical’ people can easily understand how to use it. Combine all of the above benefits with the built-in Account Management facility for customer billing and this becomes a powerful application to any ISP arsenal of services.

  • Digi-ISP™ Service Xp

    Digi-ISP™ Service Xp is a further enhancement of the basic service whereby a dedicated Intermediate Root in the name of your organization is created according to the SAS70 specification for conducting Root Key Ceremonies. The Certificate Practice Statement [8] [CPS] and Certificate Policy [CP] that you agree with the Digi-CAST1™ Team will determine the type and number of separate Intermediate Roots your organization requires.

    Once the CPS and CP are finalized and the Root Key Ceremony(s) is completed, the Digi-ISP™ Service Xp can be operational within 5 – 7 days, subject to Production Schedules. The following sub sections describe this important Key Ceremony in more detail.

Service

Digi-SSL™ Service

You may be seeking a simple solution for getting your manually managed SSL Certificates [4] or perhaps you have a larger and more specific set of requirements. You need many different Digital Certificates [5] for several organizational divisions and locations. Whether your requirement is large or small, Digi-SSL Server™ easily meets your needs.

Traditionally, organizations have to wait hours or even days for SSL Certificates. Other Certificate solutions are cumbersome, labor intensive and expensive. With Digi-SSL™ Service these issues and others are completely removed.

  • Request any Certificate and it is delivered in minutes
  • Multiple organizations, locations, and departments can all use the same system
  • Layered Security Access, enables super users, managers and ‘Read Only’ access
  • Language localization and multiple language interfaces and help files are included
  • Customizable Automated Certificate Renewal notification – no more missed renewal dates!
  • Limitless domain names are added without charge
  • Total Certificate ‘Life Cycle’ Management for all your Digi-SSLs™ using one single system
  • Total Digi-SSL™ Control without the overhead of building, managing and supporting it
  • Automated accounting facility to reduce accounts administration time



You provide us with a list of domains that you need secured and before the Digi-SSL™ Service is activated these names are thoroughly Validated. All domain name validations [9] are provided free-of-charge and once active, the Administrator is able to issue and revoke any Digi-SSL™ for any domain name in the system.


Ease of Migration

Digi-SSL™ Service combined with AACD™ means that there is no migration issue. You purchase the number of SSLs you need, install the DSSA™ [11] software and the AACD™ system [12] does everything else for you automatically.

Using SSL

Using Digi-SSL™

Secure Socket Layer [4] [SSL] server Certificates are installed on a server or device. This can be a server that hosts a website like www.digi-sign.com [13], a mail server, a directory or LDAP server, or any other type of server that needs to be authenticated, or that wants to send and receive encrypted data.


Browser Client Compatibility

The following is a list of browsers that are compatible with Digi-SSLs™, Digi-Codes™ and Digi-IDs™:

  • Microsoft® Internet Explorer 5.5
  • Microsoft® Internet Explorer 6.x+
  • AOL® 5+*
  • Opera 5+*
  • Safari 1.2*
  • Mozilla/5 1.7.2*
  • Firefox 1.0*
  • Netscape 4.x*
  • Netscape 8.1+*



Digi-SSL™ Service

When combined with the Automated & Authenticated Certificate Delivery™ [AACD™] [12] system the complete life cycle of the Digi-SSL™ can be automated. See the AACD™ Flash Presentation [14] for further details.

The Digi-SSL™ Service system is the Administrators’ interface for ordering additional credits for use by the AACD™. For further information on the Digi-SSL™ Service system visit the Digi-SSL™ Service Online Demo [15].

For IIS


NOTE: For detailed application and installation instructions please refer to section 'Step by step instructions to set up SSL on your web server' of this guide.

Displaying SSL

Displaying the SSL secure padlock

The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session – the Padlock:

[Image: the Padlock as seen by users of Internet Explorer]

Clicking on the Padlock displays your SSL Certificate and your details:

IMAGE



All SSL Certificates [4] are issued to either companies or legally accountable individuals. Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiry date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, that it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user.
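
The three checks described above, sketched as an added Python example (not Digi-Sign's or any browser's code). The sample certificate is constructed, the CA names are the ones this guide installs in its installation section, and trust is modelled by issuer name only, whereas a real browser verifies each signature in the chain.

```python
import ssl

# CA names as they appear in this guide; name-only trust is a simplification.
TRUSTED_ROOTS = {"UTN-USERFirst-Hardware"}
INTERMEDIATES = {"Digi-Sign CA Digi-SSL Xp": "UTN-USERFirst-Hardware"}

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Company Ltd"),),
                (("commonName", "digi-sign.com"),)),
    "issuer": ((("commonName", "Digi-Sign CA Digi-SSL Xp"),),),
    "notAfter": "Feb 22 15:16:00 2009 GMT",
}

def _common_names(rdns):
    return [v for rdn in rdns for k, v in rdn if k == "commonName"]

def hostname_matches(pattern, hostname):
    """Exact match, or '*' as the whole left-most label covering one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*" and len(p) > 2:
        return bool(h[0]) and p[1:] == h[1:]
    return p == h

def chains_to_root(issuer, intermediates, roots):
    """Follow issuer names upward until a trusted root or a dead end."""
    seen = set()
    while issuer not in roots:
        if issuer in seen or issuer not in intermediates:
            return False
        seen.add(issuer)
        issuer = intermediates[issuer]
    return True

def browser_checks(cert, hostname, now,
                   intermediates=INTERMEDIATES, roots=TRUSTED_ROOTS):
    """Return the list of failed checks; an empty list means no warning."""
    failures = []
    if now > ssl.cert_time_to_seconds(cert["notAfter"]):
        failures.append("expired")
    issuers = _common_names(cert["issuer"])
    if not any(chains_to_root(i, intermediates, roots) for i in issuers):
        failures.append("untrusted issuer")
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    names = names or _common_names(cert["subject"])
    if not any(hostname_matches(n, hostname) for n in names):
        failures.append("name mismatch")
    return failures
```

Passing an empty `intermediates` mapping reproduces the warning a visitor sees when the server does not present the intermediate certificate.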


Why should you use a Digi-SSL™ certificate?

Digi-Sign, the Certification Authority behind Digi-SSL™, is the fastest growing SSL Provider in the world. Unlike other Certification Authorities, Digi-Sign does not just provide SSL Certificates – they are a world-renowned security and cryptography service provider. When you are a customer of Digi-Sign, you can feel safe knowing that your website security is provided by experts. Digi-SSL™ Certificates are the most cost-effective fully validated and fully supported 128 bit SSL Certificates you can buy today! You can contact the technical support team between 7:30am - 16:00pm GMT (soon to be 24 hours). You can also feel safe in the knowledge that Digi-Sign will validate your application in accordance with the latest digital signature [5] legislation pertaining to Qualified Certificates. This validation is done effectively and quickly, ensuring you need not wait the traditional 3 working days normally associated with a fully validated SSL Certificate.

Benefits Displaying SSL

Digi-SSL™ boasts industry leading browser ubiquity – comparable to Verisign and Thawte, however without the costs associated with other SSL Providers. Digi-SSL™ Certificates are compatible with over 99% of browsers – including Internet Explorer 5.00 and above, Netscape 4.5 and above, AOL 6 and above and Opera 5.00 and above.


Digi-SSL™ benefits summary:

Digi-SSL™ Certificates are the most cost effective SSL Certificates [4] you can buy which include:

  • Full validation conducted quickly – in many cases you can expect your SSL
    Certificate to be issued within hours
  • Telephone, email, web support available 7:30am - 16:00pm GMT
  • Over 99% browser compatibility
  • 128-bit strong encryption security


Digi-SSL™ Certificates provide you with the key to successfully using SSL on your web server.


Testing your web server before you buy.

Try a Digi-SSL Trial™ Certificate for FREE

Trial SSL Certificates [4] provide full SSL functionality for 14 days and are fully supported by our expert technical support staff. Unlike test Certificates from other CAs [6], Digi-SSL Trial™ Certificates are issued using the same Trusted Root CA that issues our end-entity SSL Certificates and provides 99% browser ubiquity, and NOT by a different test CA. This unique service helps you fully test your system prior to your live roll out.

Trial SSL Certificates are ideal for anyone requiring proof of ease of installation, confirmation of high quality technical support and also confirmation of compatibility with the majority of the browsers that exist today. Trial SSL Certificates are also ideal for practicing with Certificates and learning about SSL implementation before committing to installing a Certificate on your live system.

Get your free 14-day Digi-SSL Trial™ Certificate from
https://www.digi-sign.com/product/digi-ssl [7]

Step by Step Instructions

Step by step instructions to set up SSL on your Microsoft IIS 5x web server

There are four stages to set up SSL on your Microsoft IIS 5x web server:

    1. Create a Certificate Signing Request (CSR [3])
    2. Apply online for a Digi-SSL™ Certificate
    3. Install a Digi-SSL™ Certificate
    4. Display a Secure Digi-Seal™ Site Seal



Create a Certificate Signing Request (CSR)

A CSR is a file containing your certificate application information, including your Public Key. Generate your CSR and then copy and paste the CSR file into the web form in the enrolment process:

Generate keys and Certificate Signing Request:

  • Select Administrative Tools
  • Start Internet Services Manager

  • Open the properties window for the website the CSR is for. You can do this by right clicking on the Default Website and selecting Properties from the menu
  • Open Directory Security by right clicking on the Directory Security tab

  • Click Server Certificate. The certificate wizard will appear.

  • Click Create a new certificate and click Next.

  • Select Prepare the request and click Next.

  • Provide a name for the certificate. This needs to be easily identifiable if you are working with multiple domains, and is for your records only.
  • If your server is 40 bit enabled, you will generate a 512 bit key. If your server is 128 bit you can generate up to 1024 bit keys. We recommend you stay with the default 1024 bit key if the option is available. Click Next.


Step by Step


  • Enter Organization and Organization Unit, these are your company name and department respectively. Click Next.

  • The Common Name field should be the Fully Qualified Domain Name (FQDN) or the web address for which you plan to use your Certificate, e.g. the area of your site you wish customers to connect to using SSL. For example, a Digi-SSL™ Certificate issued for digi-sign.com will not be valid for secure.digi-sign.com. If the web address to be used for SSL is secure.digi-sign.com, ensure that the common name submitted in the CSR [3] is secure.digi-sign.com. Click Next.

  • Enter your country, state and city. Click Next.

  • Enter a filename and location to save your CSR. You will need this CSR to enroll for your Certificate. Click Next.

  • Check the details you have entered. If you have made a mistake click Back and amend the details. Be especially sure to check the domain name the Certificate is to be "Issued To". Your Certificate will only work on this domain. Click Next when you are happy the details are absolutely correct.

Apply online

Apply online for a Digi-SSL™ Certificate

Visit https://www.digi-sign.com/product/digi-ssl [7] and select your SSL Certificate product type. You will be required to submit the CSR [3] into a web form. When you make your application, make sure you include the CSR in its entirety into the appropriate section of the enrollment form. When you view your CSR it will appear something like:

IMAGE



Be sure to copy the CSR text in its entirety into the application form, including the:

IMAGE
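
One way to check a CSR before pasting it into the enrolment form, as an added Python example that is not part of the original guide. It confirms that both envelope lines are present, that the body is not truncated, and that the Common Name and RSA key size are what you intended; the sample CSR is constructed with a dummy key and signature, and all function names are hypothetical.

```python
import base64
import re

CN_OID = bytes.fromhex("550403")            # OID 2.5.4.3, commonName
PEM_RE = re.compile(r"-----BEGIN ((?:NEW )?CERTIFICATE REQUEST)-----(.+?)-----END \1-----", re.S)

def pem_to_der(text):
    """Require both envelope lines, then decode the base64 body between them."""
    m = PEM_RE.search(text)
    if not m:
        raise ValueError("BEGIN/END lines missing or mismatched")
    return base64.b64decode("".join(m.group(2).split()), validate=True)

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("CSR body is truncated")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("CSR body is truncated")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # split a constructed element into (tag, value) pairs
    pos, out = 0, []
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        out.append((tag, val))
    return out

def inspect_csr(pem_text):
    """Return the Common Name and RSA modulus size carried in a PKCS#10 CSR."""
    der = pem_to_der(pem_text)
    tag, request, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single DER SEQUENCE")
    info = children(request)[0][1]               # CertificationRequestInfo
    _version, subject, spki = children(info)[:3]
    common_name = None
    for _, rdn in children(subject[1]):          # one SET per name component
        for _, atv in children(rdn):             # SEQUENCE {OID, value}
            (_, oid), (_, val) = children(atv)[:2]
            if oid == CN_OID:
                common_name = val.decode("utf-8", "replace")
    bit_string = children(spki[1])[1][1]         # skip the algorithm identifier
    modulus = children(children(bit_string[1:])[0][1])[0][1]  # RSAPublicKey.n
    bits = int.from_bytes(modulus, "big").bit_length()
    return {"common_name": common_name, "key_bits": bits}

def check_csr(pem_text, intended_fqdn, min_bits=1024):
    """List problems to fix before submitting. min_bits defaults to the 1024
    this guide recommends; CAs today require RSA keys of at least 2048 bits."""
    found, problems = inspect_csr(pem_text), []
    if (found["common_name"] or "").lower() != intended_fqdn.lower():
        problems.append("common name is %r, not %r" % (found["common_name"], intended_fqdn))
    if found["key_bits"] < min_bits:
        problems.append("key is %d bits, below %d" % (found["key_bits"], min_bits))
    return problems

def _tlv(tag, body):  # DER-encode one element (used only to build the sample)
    raw = len(body).to_bytes((len(body).bit_length() + 7) // 8 or 1, "big")
    return bytes([tag]) + (raw if len(body) < 0x80 else bytes([0x80 | len(raw)]) + raw) + body

def make_sample_csr(common_name, key_bits=1024):
    """Constructed sample: valid structure, dummy modulus and signature."""
    seq = lambda *parts: _tlv(0x30, b"".join(parts))
    oid = lambda hexstr: _tlv(0x06, bytes.fromhex(hexstr))
    modulus = b"\x00" + ((1 << (key_bits - 1)) | 1).to_bytes(key_bits // 8, "big")
    rsa_key = seq(_tlv(0x02, modulus), _tlv(0x02, b"\x01\x00\x01"))
    spki = seq(seq(oid("2a864886f70d010101"), _tlv(0x05, b"")), _tlv(0x03, b"\x00" + rsa_key))
    name = seq(_tlv(0x31, seq(oid("550403"), _tlv(0x13, common_name.encode()))))
    info = seq(_tlv(0x02, b"\x00"), name, spki, _tlv(0xA0, b""))
    sig = _tlv(0x03, b"\x00" + bytes(key_bits // 8))
    der = seq(info, seq(oid("2a864886f70d010105"), _tlv(0x05, b"")), sig)
    kind, body = "NEW CERTIFICATE REQUEST", base64.encodebytes(der).decode()
    return "-----BEGIN %s-----\n%s-----END %s-----\n" % (kind, body, kind)
```

`check_csr(text, "secure.digi-sign.com")` returns an empty list when the request is complete and names the intended host; it does not verify the CSR's signature.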



Install a Digi-SSL™ Certificate

Installing the Root & Intermediate Certificates

When your Digi-SSL™ Certificate has been issued you will receive 3 Certificates via email from Digi-Sign Security Services. Save these Certificates to the desktop of the webserver machine, then:


A: To install the UTN-USERFirst-Hardware.crt Certificate:


IMAGE


  • Right click the Trusted Root Certification Authorities, select All Tasks, and select Import.

  • Click Next.

  • Locate the UTN-USERFirst-Hardware.crt Certificate and click Next.
  • When the wizard is completed, click Finish.



B: To install the Digi-SignCADigi-SSLXp.crt or Digi-SignCADigi-SSLXs.crt:

IMAGE


  • Right click the Intermediate Certification Authorities, select All Tasks, select Import.
  • Complete the import wizard again, but this time locating the Digi-SignCADigi-SSLXp.crt or Digi-SignCADigi-SSLXs.crt when prompted for the Certificate file.
  • Ensure that the UTN-USERFirst-Hardware root certificate appears under Trusted Root Certification Authorities
  • Ensure that the Digi-Sign CA Digi-SSL Xs or Digi-Sign CA Digi-SSL Xp appears under Intermediate Certification Authorities


SSL Certificate Installation

Install a Digi-SSL™ Certificate

  • Select Administrative Tools
  • Start Internet Services Manager

  • Open the properties window for the website. You can do this by right clicking on the Default Website and selecting Properties from the menu.
  • Open Directory Security by right clicking on the Directory Security tab

  • Click Server Certificate. The certificate wizard will appear.

  • Choose to Process the Pending Request and Install the Certificate. Click Next.
  • Enter the location of your certificate (you may also browse to locate your certificate), and then click Next.
  • Read the summary screen to be sure that you are processing the correct certificate, and then click Next.
  • You will see a confirmation screen. When you have read this information, click Next.
  • You now have a server certificate installed.



Important: You must now restart the computer to complete the installation

Open the Properties of the default website and ensure that SSL port contains the number 443 (it should default to this number automatically). You may want to test the Web site to ensure that everything is working correctly. Be sure to use https:// when you test connectivity to the site.


Display a Secure Digi-Seal™ Site Seal

As a valued Digi-SSL™ customer we encourage you to display the Digi-SSL™ secure site seal to help promote your secure site to customers. The secure site seal is free to all Digi-SSL™ customers.

Contact us to discuss our Digi-Seal™ technology and how providing real-time identity assurance to customers helps establish even more confidence and trust with your customers.

Reasons for Choosing Digi-SSL™ Service

Read more on why you should choose Digi-Sign [16]

Centralised Management  

Individual SSLs ordered on line on an 'as needed basis' are very difficult to manage. However, the Digi-SSL™ Service system is capable of delivering multiple SSLs to even the most complex of organisational structures and is easily managed from the 'Control Centre'.

This is because the Digi-CA™ [17] certificate authority system used to run the Digi-SSL™ Service comes complete with a web based ‘system management centre’ for all operated CAs, RAs & LRAs that makes it ideal for operating and controlling all your SSLs across the entire organisation.

     
Less 'administration' time

With Digi-SSL™ Service, your accounts personnel and managers can have direct access to the system for billing and querying without affecting the security or integrity of the security policy in operation. So there is no time lost filling reports, issuing inter-departmental billing or answering general queries.

‘futureproof’

By its very design [18], the entire Digi-CA™ system can be in house, totally outsourced or a combination of the two, and this can be decided at any stage during the life of the system. So you can purchase what you need today, safe in the knowledge that you can easily migrate [19] and move all or part of the system to meet future demands.

Easy migration from RSA®, VeriSign®, etc

Digi-CA™ is probably the only commercial CA system specifically designed to migrate [19] any Traditional CA environment (for example RSA®, VeriSign®, etc) into a newly setup Digi-CA™ system by complying with international industry standards.

Free certificate replacement

Then there's the issue of replacement: with the Digi-SSL™ Service system, every certificate is replaceable, without cost, during its full life cycle. For example, if 6 months after you buy one of these cheaper alternatives you upgrade or migrate [19] your service to another server or platform, you will have to buy new certificates from them, but from us they are replaced free of charge.

Security & integrity of your SSLs

We still follow best practice when validating the rightful owner for any SSL. This means that your SSLs are fully vetted and validated before they're issued, using the recognised system of one person validating, a second verifying and a third issuing. Cheaper alternatives issue their SSLs automatically and without human intervention. This method, although functionally okay, raises some significant security issues that we have never considered worth the risk.

Ease of integration

Whether now or in the future, because it is LDAPv3 compliant, Digi-CA™ can publish X.509 certificates and Certificate Revocation Lists [CRL] to other directories. This is a significant factor when considering integration with existing or future environments.

Scalability

Digi-CA™ is the only software that can scale a ‘live’ production environment from 100s to 1,000,000s of certificates without any service interruption. This is important when considering the future growth and continued operation of your environment and requirements.

Customisation to your requirements

Custom multi-layer CA hierarchy, RA and LRA distribution is possible and can be modified, extended and changed at any stage, any time, by your trained CA Administrators. This can also be done without affecting the operation of the live environment.

‘look & feel’ customisation

The entire Digi-CA™ system interfaces and all its levels can be easily changed using Cascading Style Sheets [CSS]. This ability to completely change the ‘look and feel’ of the system eases the deployment to your end users because they know you but may not be familiar with the CA vendor. It also helps with integrating into web sites and other online systems seamlessly.

RA Flexibility

Multiple independent Registration Authority [RA] instances from a single system without needing to install multiple applications on multiple servers to run each RA.

100% browser independent & compatible

100% certificate enrolment web browser platform and operating system independence is a component part of Digi-CA™ as is the compatibility of the Digi-SSL™ certificates when being considered for internet browsers and mobile web browsers.

Used by many of the world's largest companies

Organisations such as Marsh & McLennan, Vodafone, Securicor/G4S, Axa and many others [20] are long established customers and there are also several letters of reference [21] to further support our bona fides.

Overall most capable & most competitively priced

Digi-CA™ achieves the best blend of meeting your current requirements and possible future ones too. Its highly customisable and flexible features mean it will meet future demands easily, without incurring downtime, service interruption or unwieldy costs.
     

Why you should choose Digi-Sign [16]


Upgrading/Migrating

Getting the best from Digi-SSL™ Service

Unlike any other CA system in the market, Digi-SSL™ is specifically designed to easily migrate any other existing SSL Management system you currently use. By design Digi-CA™ [22], as an entirely self-dependent system, allows easy migration of a set of data into the system in a seamless manner. The transfer is accomplished physically by the Digi-CAST™ Team [2].

For security reasons, there is no .csv flat file export capability within Digi-SSL™ Service system. This is to protect the security of the data and to avoid service interruption or corruption as a result of data corruption. Therefore, if you are an existing Digi-SSL™ Service user and are upgrading or updating, much of this must be conducted by the Digi-CAST™ Team.

Image [23]

Using the "Search Results Digi-SSL™" component of the system, the Digi-CAST™ Team will reassign Administrators and Reminders for each of your Digi-SSL™ Certificates. This reassignment is carried out on explicit instructions from the Customer/Administrator and is typically conducted from a list of all the hostnames in the system.

For further assistance, contact the Digi-SSL™ Service Support Team [24].


Introducing Digi-SSL™

The Corporate Choice

The following sub sections detail the different Types of Certificate and the correct Class depending on your requirement.


Digi-SSL™ Certificates

Digi-SSLs™ are Secure Socket Layer [SSL] [4] Certificates and are used for securing and authenticating the following:

  • web server
  • mail server
  • LDAP directory server
  • database server



Digi-SSLs™ are the most commonplace Digital Certificate [5] in use today. Web sites and other servers use Digi-SSLs™ in their thousands each year. If your requirement is predominantly for SSL and SSL Management, we recommend the Digi-SSL™ Service. To completely automate the entire life cycle of your SSL environment, see the Automated & Authenticated Certificate Delivery™ System [12].


Digi-SSL™ Xs, Xp & Xg

Digi-SSL™ provides you with two functions:

  • Website authentication
  • Data encryption



Every application for any class of Digi-SSL™ is subjected to the Triple-Check Validations™ procedure. This means that two or more Validations Officers physically check your details and entitlement to get the Digi-SSL™ before it is issued to you. This rigorous checking procedure protects you from someone else stealing your online identity because the Digi-Sign Triple-Check Validations™ has a 100% track record of never issuing a Digital Certificate to the wrong party. Once this Digi-SSL™ is put on your website, visitors know your site is genuine.

The same Digi-SSL™ that authenticates your site to visitors can also be used for encrypting data and it is here that the Xp/Xg and Xs difference occurs. The main difference between Xp/Xg & Xs is that the Digi-SSL™ Xs is for low/no value transactions and Xp/Xg is for corporate users and commercial websites.

The Digi-Sign Certificate Practice Statement [8] [CPS] v3.7, Sub section 2.4.1.a and 5.32.1 both state that the maximum warranty associated with a Digi-SSL™ Xs certificate is €0.01. So if your information is worth more than €0.01 and you require warranty protection, you should only use the Xs Certificate to authenticate your website. This does not mean you can’t use the Xs for encrypting data, it only means that in the event of a fault in the Digi-SSL™, you have no warranty.

The maximum warranty associated with the Digi-SSL™ Xp or Xg Certificate is €10,000. The CPS v3.7, Sub section 2.4.1.b and 5.32.2, both state clearly that this is for corporate or professional use and carries a warranty in the event of failure.


Other Differences between Xp/Xg & Xs would be that:

  • Xp/Xg Certificates are replaced free of charge any time during their life cycle. Xs are not.

  • Xp/Xg Certificates provide telephone support. Xs do not.

  • Xp/Xg are issued with the secure Digi-Seal™ for displaying on your website. Xs are not.



Digi-SSL™ Xg Certificates are only supplied in specific cases where multiple hosting specifications require flexible naming within the Digi-SSL™. This specialist configuration can include multiple Common Names within the same Certificate, wildcard facilities or a combination of these requirements.

Digi-SSL™ - Site Seal

Giving Your Customers Confidence

The secure site seal for your Digi-SSL™ [2] is an important part of your internet security strategy. It advises visitors to your site that your site is authentic and that it has been validated by a Trusted Third Party [25]. As a result your customers will have the confidence to communicate and transact business with your web site.

Why you should use the Site Seal

  • The Digi-SSL™ Site Seal provides the instant stamp of security for your web site.
  • You can leverage this brand security to make your online customers even more secure and confident that they can trust your business.
  • Allow your visitors to check your Digi-SSL™ Certificates information and status in 'real time'.
  • The Digi-SSL™ Site Seal provides additional protection against the misuse of revoked and expired certificates.
  • Your site visitors can instantly recognize that your website is secure and is a trusted website.

Why users trust the Site Seal

By simply clicking on the Secure Site Seal:

  • Digi-SSL™ Site Seal explains the importance of security on the internet.
  • Site visitors are advised that your site has been carefully validated by an independent third party and determines the validity period for your Business's Digi-SSL™ certificates, thus providing them with total confidence to conduct business on-line.
  • Site visitors know that the Digi-SSL™ Site Seal means it is safe to send secure data to the web site because it is encrypted in transit.

Advice & On Line Buying Options [26]

Multiple Digi-SSL™ Certificates are issued and managed by the Digi-CA™ Service [17] from outside your organisation. If you require 10-20,000 SSLs per annum you may want to consider the installed software (Digi-CA™ Server [27]) system, depending on your requirements.

  • Buy a single Digi-SSL™ On line [26] now
  • Buy Digi-SSL™ Service On line [26] now

More Information >> [28]




Source URL: http://www2.digi-sign.com/ssl

Links:
[1] https://www.digi-sign.com/downloads/download.php?id=aacd-digi-ssl-pdf
[2] http://www2.digi-sign.com/digi-ssl
[3] http://www2.digi-sign.com/support/digi-ssl/generate+csr
[4] http://www2.digi-sign.com/ssl+certificate
[5] http://www2.digi-sign.com/digital+certificate
[6] http://www2.digi-sign.com/certificate+authority
[7] https://www.digi-sign.com/product/digi-ssl
[8] http://www2.digi-sign.com/repository/certificate+practice+statement
[9] http://www2.digi-sign.com/validations
[10] http://www2.digi-sign.com/repository/contracts/aacd
[11] http://www2.digi-sign.com/aacd/daemon+server+side+application
[12] http://www2.digi-sign.com/aacd
[13] http://www.digi-sign.com
[14] http://www2.digi-sign.com/demos/aacd
[15] http://www2.digi-sign.com/demos/digi-ssl
[16] http://www2.digi-sign.com/about/choosing+digi-sign
[17] http://www2.digi-sign.com/digi-ca/service
[18] http://www2.digi-sign.com/demos/digi-ca+presentation
[19] http://www2.digi-sign.com/digi-ssl/migration
[20] http://www2.digi-sign.com/about/testimonials
[21] http://www2.digi-sign.com/about/references
[22] http://www2.digi-sign.com/digi-ca
[23] http://www.digi-sign.com/demoexec/digi-ca/rev-digi-ssl1.php
[24] http://www2.digi-sign.com/contact
[25] http://www2.digi-sign.com/digi-trust/trusted+services+provider
[26] http://www2.digi-sign.com/https
[27] http://www2.digi-sign.com/digi-ca/server
[28] http://www2.digi-sign.com/en/aacd/index