At present, there are various types of websites. When we enter personal information on some websites, especially online banking transactions, how can we ensure that the websites you are facing are credible? By using the SSL Certificate of the website ID card, we can clearly understand whether the website is secure and trustworthy. Generally, the browser determines the security of these certificates. If we can master some identification methods of SSL certificates, We can greatly improve network security, especially the security of online transactions.
What is an SSL certificate for a website?
SSL is short for Secure Sockets Layer. It is a set of encryption technologies that provide identity authentication, confidentiality, and data integrity. The most common application of SSL is in Web browsers and Web servers (websites) establish a secure communication channel between them. Websites that require users to provide personal privacy information should use SSL technology, and there are two most intuitive ways to determine whether a website uses SSL technology: 1. The website must start with "Https; 2. A small yellow lock must appear on the IE browser's status bar.
How to apply for an SSL Certificate
Generally, the SSL server certificate application process is roughly as follows: the website administrator runs the certificate application package Generation Program on the website server to generate a certificate request package. Then the Administrator logs on to the website that provides the Certificate Service to apply for an SSL Certificate, fill in the basic information of the certificate application, and submit the certificate request package. After the certificate is submitted, the Administrator will bring the relevant certificate to the CA center (or online) to fill out the Certificate Application Form and Certificate Application agreement. After the Certification Center approves the application, the Administrator will create the corresponding certificate, finally, it is sent to the certificate applicant through a floppy disk or email.
How to verify SSL certificates in IE
The IE browser has a large number of Built-in Certificate Authority public keys. You can view the trusted Certificate Authority through the following operations. In the IE browser menu, click "tools/Internet Options", select the "content" tab, and click "certificate, then you can see that IE has already trusted many "intermediate certificate authority" and "Trusted Root Certificate Authority" (1 ). When we access the website, the browser will automatically download the SSL Certificate of the website and check the certificate security.
Because the certificate is classified, the website owner may receive the certificate from the root certificate authority or from the next level of the root certificate (such as the certification center of a country or a certificate issued by a province) receive the certificate. Suppose we are visiting a website using SSL technology, and IE will receive an SSL certificate. If this certificate is issued by the root certificate authority, the IE browser will follow the steps below to check: the browser uses the public key in the built-in root certificate to authenticate the received Certificate. If they are consistent, it indicates that the security certificate is issued by a trusted certification authority, and the website is secure and reliable. If the SSL certificate is not issued by the root server, the browser will automatically check the issuing authority at the upper level until the corresponding Root Certificate Authority is found. If the root certificate authority is trusted, the SSL Certificate of the website will also be trusted.
Tip: Generally, certificates have a valid date. If the certificate expires, you should be vigilant.
How to view the SSL certificate of a website
How can we ensure our security in network applications? The following uses the Industrial and Commercial Bank of China website (Www.icbc.com.cn. Open the online banking logon page of the Industrial and Commercial Bank of China, double-click the small lock on the IE browser status bar before entering personal information, you can see the pop-up certificate window (2 ). The General tab displays the purpose, authority, and validity period of the certificate. First, check the authority. If you trust the authority, you also trust the site. The issuing authority of ICBC is Verisign, and VeriSign is the largest Certification Authority. To apply for a certificate with the name of VeriSign, the applicant must prove that he is a registered company and has the right to use a specific Internet domain name. VeriSign also checks whether the employee who purchased the certificate has obtained the Company License. Therefore, when a website uses a certificate with the VeriSign name, you can confirm that it is trusted. Second, check the validity period of the certificate. If the certificate is not valid, the security warning window is displayed in IE. In addition, if the website on the certificate is inconsistent with the domain name you visit, you should be vigilant.
Tip: the website Certificate Authority must be listed in the window. If it is not listed, the browser will also pop up a security warning window. These websites are extremely unreliable. We recommend that you do not perform the next step.