Difference between revisions of "SSL FAQs"

From Support Wiki
Jump to navigation Jump to search
Line 13: Line 13:
 
Note: Regardless of where you get your certificate, please contact support@micronetonline.com as your first step so that we can provide helpful direction in this process.
 
Note: Regardless of where you get your certificate, please contact support@micronetonline.com as your first step so that we can provide helpful direction in this process.
  
''LiveEdit customers:'' If your site is a LiveEdit Aurora site, please contact support@micronetonline.com for information on an optional solution that we’d liked to share with you.
+
'''LiveEdit customers:''' If your site is a LiveEdit Aurora site, please contact support@micronetonline.com for information on an optional solution that we’d liked to share with you.
 +
 
  
 
Your association will need to purchase an SSL Certificate from a Certifying Authority, or ‘CA’. There are many CA’s on the web and prices for SSL Certificates vary. Once purchased, you will need to ask the CA for the SSL Certificate file which will be installed on our server by MicroNet.
 
Your association will need to purchase an SSL Certificate from a Certifying Authority, or ‘CA’. There are many CA’s on the web and prices for SSL Certificates vary. Once purchased, you will need to ask the CA for the SSL Certificate file which will be installed on our server by MicroNet.

Revision as of 14:27, 10 March 2017


What is SSL?

SSL (Secure Socket Layer), commonly known as HTTPS, is a communication method for the internet which protects website visitors’ information from being stolen or modified while it is being sent from their computer to a website. This is done by verifying the server identity and encrypting the data.

Who can get SSL?

This is available for all customer websites - both SmartCMS sites and non-SCMS sites.

Why would I want SSL?

SSL gives consumers confidence that sensitive information like their credit card numbers will not be intercepted. Having an SSL certificate for your domain also has benefits in relation to search engine optimization and general consumer trust. In addition, in January 2017 Google released Chrome version 56 which alerts users when they are on webpages that collect either credit card numbers or passwords that are not served over SSL. Eventually, Google will have a strong warning for all webpages not using the HTTPS protocol.

Where do I get an SSL Certificate?

Note: Regardless of where you get your certificate, please contact support@micronetonline.com as your first step so that we can provide helpful direction in this process.

LiveEdit customers: If your site is a LiveEdit Aurora site, please contact support@micronetonline.com for information on an optional solution that we’d liked to share with you.


Your association will need to purchase an SSL Certificate from a Certifying Authority, or ‘CA’. There are many CA’s on the web and prices for SSL Certificates vary. Once purchased, you will need to ask the CA for the SSL Certificate file which will be installed on our server by MicroNet.

While we do not recommend, support, endorse, or stand behind any CA, here is a short list of a few reputable CA’s to check out:

  • Network Solutions
  • Digicert
  • Thawte
  • Symantec
  • Cloudflare is another option that you may wish to consider.

If your site is hosted by a third-party, please contact your hosting provider to see if this is a service they can provide for you.

When applying for an SSL Certificate, you will need to provide the CA with a Certificate Signing Request (CSR) which allows them to perform a ‘background check’ to verify your organization, your ownership of the domain name, etc. If we are hosting your site or a module sub-domain, we will provide this at no cost. If not, you will need to contact your hosting provider.

What certificate options do I need to look for?

Certificates needed: Most SmartCMS customers will need an SSL certificate for a single domain (i.e. your main domain). Customers not using SmartCMS will need either a wildcard certificate (see below) or two single domain certificates, one for your module sub-domain and one for your main domain.

  • Wildcard Certificate - Wildcard SSL certificates secures your domain name and an unlimited number of its subdomains. For example, a single Wildcard certificate can secure www.coolexample.com, member.coolexample.com, and store.coolexample.com.

Note:

  • When applying for a single domain SSL certificate, you will want to verify with the CA that both the www domain and the non-www domain (e.g. www.myorganization.com and organization.com) will be covered by a single domain SSL certificate. A single domain certificate may be able to handle both domains, but it depends on which CA is issuing the certificate.
  • You may also be asked what type of server we are running - IIS is the correct answer.



Validation levels: The level of validation offered with SSL certificates (Extended, Domain and Organization validation) is not critical to our configuration but is up to you and your web master to determine what validation level you wish to provide your website visitors.

  • DV (Domain Validated) where the CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.
  • OV (Organization Validation) where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.
  • EV (Extended Validation) where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a CA before issuing a certificate.

Contact support@micronetonline.com if unsure of your configuration or the minimum requirements for your site.

What is the cost of obtaining and installing the SSL Certificate?

Once you’ve obtained the certificate, installing the SSL Certificate on our server is free.

The cost of a certificate itself varies by certificate type and by Certificate Authority. In addition, some web hosting companies may charge a fee when requesting the CSR (Certificate Signing Request). If we are your web hosting provide, there is no charge for the CSR.

How do I get the SSL Certificate installed on my website?

You can email your SSL Certificate file to support@micronetonline.com Your MicroNet contact will work with you on getting SSL in place for your website.

Once the SSL Certificate is installed, a security ‘lock’ icon is visible on popular website browsers, indicating the SSL Certificate is in place and the website is secure.

Noteworthy Information

  • The implementation of SSL on our servers uses a technology called Server Name Identification (SNI) which is not supported by older web browsers such as Internet Explorer version 7 and older, or for any users of IE that have the Windows XP operating system.
  • SSL is designed to protect only info in transit, not to be confused with protection for the server where the website is hosted.
  • Particularly sensitive information such as credit card information being sent from your website to our server is already secured on the ChamberMaster / MemberZone servers. Having an SSL certificate for your domain will secure ALL information (not just the sensitive information) while it is being sent to our server.
  • If you purchase the eCommerce module, we strongly recommend purchasing an SSL Certificate, which will secure all information (not just sensitive information). The security 'lock' will appear in main browsers for all pages, indicating a secure site to the consumer.