An SSL server certificate is required for secure connection between Web server and browser users. The application does not need to pass the business acceptance point. The user's key pair is generated and managed by the corresponding web server, when applying for a certificate, you only need to submit the certificate application package generated by the Web server to the CA center. The key length is 512 bits (or 1024 bits) and the certificate is loaded to the web server.
At present, the CA center can issue certificates for WWW servers such as Netscape Web server, Microsoft IIS server, Java Web server, IBM go Webserver, Lotus Notes server 4.1, Domino server4.5, and Domino go webserver. The implementation of the SSL certificate function depends on whether the web server that requests the Certificate supports the corresponding function. After applying for an SSL Certificate and loading it successfully, the web server can establish a secure connection with the user's browser.
Web server certificates that support SSL 2.0 do not need the browser certificate of the user when establishing a connection with the user's browser. The SSL Certificate of the server is used to indicate the server identity and establish a secure connection channel to the user.
The Web server certificate that supports SSL 3.0 requires the browser client to have a user certificate in addition to the SSL Certificate of the server itself when establishing a connection with the user's browser, when establishing communications, the web server exchanges certificates with the browser, verifies the identity of the other party, and establishes a secure connection channel. In this case, the browser client has a user certificate, which is the Personal Security Email Certificate in 2.2.
the procedure for applying for an SSL server certificate is as follows:
1. the Web server administrator who needs to apply for a certificate runs the certificate application package on the corresponding web server to generate a Program to generate a certificate request package.
2. log on to the e-commerce website as a web server administrator, select SSL Certificate Application, enter the basic information of the certificate application, and submit the certificate request package generated in 1.
3. after the online submission is successful, the corresponding web server management organization will apply for a certificate from the CA center.
4. enter the Certificate Application Form and Certificate Application Agreement
5. the CA auditor compares the data entered in the form with the data entered by the user online for review
6. after the certificate is approved, make the certificate. The certificate can be sent to the certificate applicant via a floppy disk or email.
7. the Web server administrator runs the certificate loader on the corresponding web server to load the successfully applied certificate to the web server.