Secure Website Certificate
- Revision id: 76285
- Creator: Sayantan
- Comment: """" SSL Certificates - SSL means Security Socket Layer . its a protocol ses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works. A browser requests a secure page (usually https
- Reviewed: Yes
- Reviewed by: jsavage
- Is approved? No
- Is current revision? No
- Ready for localization: No
Table of Contents
Certificate and Certificate Hierarchy
A Secure Website Certificate helps Firefox determine whether the site you are visiting is actually the site that it claims to be. When you visit a website whose web address starts with https, your communication with the site is encrypted to help ensure your privacy. Before starting the encrypted communication, the website will present Firefox with a certificate to identify itself.
An https web site is only secure to the extent that the web site is operated by someone in contact with the person who registered the domain name, and the communication between you and the website is encrypted to prevent eaves dropping. No other surety is implied.
When you visit a secure website, Firefox will validate the website’s certificate by checking that the certificate that signed it is valid, and checking that the certificate that signed the parent certificate is valid and so forth up to a root certificate that is known to be valid. This chain of certificates is called the Certificate Hierarchy.
Secure Website Certificates contain the following information.
Serial Number: Uniquely identifies the certificate.
Subject: Identifies the certificate owner, such as the name of the organization owning the certificate.
Issuer: Identifies the entity that issued the certificate.
Subject Alt Name Extension: List of website addresses that the certificate can be used to identify.
Signature: Data that verifies that the certificate came from the Issuer.
Signature Algorithm: Algorithm used to create the Signature.
Valid-From: The date the certificate is first valid.
Valid-To: The expiration date.
Key-Usage and Extended Key Usage: Specifies how the certificate may be used, such as for confirming ownership of a website (Web Server Authentication).
Public Key: The public part of the data that comprises the public/private key pair. The public and private keys are mathematically linked, so the data encrypted with the public key can only be decrypted with the corresponding private key.
Public Key Algorithm: Algorithm used to create the Public Key.
Fingerprint: An abbreviated form of the Public Key.
Fingerprint Algorithm: Algorithm used to create the Fingerprint. """" SSL Certificates - SSL means Security Socket Layer . its a protocol ses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.
A browser requests a secure page (usually https://).
The web server sends its public key with its certificate.
The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
The web server sends back the requested html document and http data encrypted with the symmetric key.
The browser decrypts the http data and html document using the symmetric key and displays the information.
View a Certificate
When you have browsed to a website whose web address starts with https, there will be a lock icon at the begining of the address bar. Single-click on the lock icon to get a pop-up that says who verified the certificate, then click on.
In that window click on Security then.
When you browse to a website whose web address starts with https, if there is a problem with the Secure Website Certificate, you will see the This Connection Is Untrusted alert page. Some common errors are described here.
To view the problematic certificate, follow these steps:
- On the warning page, click I Understand the Risks.
- When the Add Security Exception dialog will appear, click . The Certificate Viewer dialog will appear.
Reporting Certificate Errors
After you encounter an Untrusted Connection error, you may see a popup window asking you to report the error to Mozilla. Sharing the address and site identification (the Secure Website Certificate) for the site that was untrusted will help us identify and block malicious sites to keep you better protected.
Secure Certificate-If the connection is secure u can see green globe ,by clicking on the globe u can see the information that you are connected to mozilla.org and the connection is secure.Which run by Mozilla Foundation CA and verified by Digicert Inc. on the left side of this window u can see a lock which says that connection to this website is secure.if u want more inforamtion about your connection then u have to click on "More Information" and u will see the details information about the connection that it used the 128bit encryption key ..and u will get all the technical details which will help you to protect yourself to be the next victim of cyber world. By gaining your knowledge on this technical details now you can check it very easily that your connection is secure or not. here is screenshot for the technical details . By this informations and images will help you and the net will be more secure ..