|
|
Dedicated SSL Certificates :
The Secure Socket Layer protocol was created by Netscape to ensure secure transactions between web servers and browsers. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.
• A browser requests a secure page (usually https://)
• The web server sends its public key with its certificate.
• The browser checks that the certificate was issued by a trusted party (usually a trusted root CA), that the certificate is still valid and that the certificate is related to the site contacted.
• The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
• The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
• The web server sends back the requested html document and http data encrypted with the symmetric key.
• The browser decrypts the http data and html document using the symmetric key and displays the information.
|
|
![](/web/20090218211532im_/http://www.eukhost.com/images/RapidSSL.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/quick_ssl.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/business_id.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/sbs-ev-sm.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/rapidssl-wildcard.jpg) |
|
|
|
|
|
|
Encryption |
128/256-bit* |
256-bit* |
256-bit* |
128/256-bit* |
256-bit* |
Security Method |
SSL |
Geotrust QuickSSL |
Geotrust True BusinessID |
EV-SSL |
Rapid SSL Wildcard |
Validation Required |
Basic |
Thorough |
Thorough |
Thorough |
Thorough |
Validation Procedure |
Automatic process
1)Verify domain ownership via email |
Automated Process
1)Verify domain ownership via email
|
Manual Process
1)Verify domain ownership
2)Verify entity
3)Verify authority |
Manual Process
Meets prescribed standards of CA/Browser Forum |
Manual Process
Secure multiple sites on one physical machine
|
Yearly Pricing |
£39.00 |
£69.00 |
£89.00 |
£349.00 |
£199.00 |
|
Order Now |
Order Now |
Order Now |
Order Now |
Order Now |
Browser Trusted |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
Free Dedicated IPs |
1 Dedicated IP |
1 Dedicated IP |
1 Dedicated IP |
1 Dedicated IP |
1 Dedicated IP |
Browser Compatibility |
99.3% |
99.3% |
99.3% |
99.3% |
99.3% |
Technical Support |
Standard |
Standard |
Standard |
Priority |
Priority |
Support Type |
Email and livechat |
Email and livechat |
Email and livechat |
Email and livechat |
Email and livechat |
Provisioning Length |
1-2 hours |
1-2 hours |
1-2 business days |
1-2 business days |
1-2 business days |
Reissuance Time |
As required |
As required |
As required |
As required |
As required |
Certificate Issued |
1 domain name |
1 domain name |
1 domain name |
1 domain name |
multiple subdomains |
Recognized Internationally |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
Secure Root Server |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
Installation Service |
Free Installation |
Free Installation |
Free Installation |
Free Installation |
Free Installation |
Security web lock will appear: |
Locked |
Locked |
Locked |
Locked |
Locked |
Assurance Type |
Low |
High |
High |
High |
High |
Registered certificate authority product |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
Warranty |
|
$10K |
$100K |
$250,000 |
$10K |
Trust Logo |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/cross_tr.gif) |
![](/web/20090218211532im_/http://www.eukhost.com/images/check_tr.gif) |
|
|
Private Key/Public Key: |
The encryption using a private key/public key pair ensures
that the data can be encrypted by one key but can only be
decrypted by the other key pair. This is sometime hard to
understand, but believe me it works. The keys are similar
in nature and can be used alternatively: what one key emcrypts,
the other key pair can decrypt. The key pair is based on prime
numbers and their length in terms of bits ensures the difficulty
of being able to decrypt the message without the key pairs.
The trick in a key pair is to keep one key secret (the private
key) and to distribute the other key (the public key) to everybody.
Anybody can send you an encrypted message, that only you will
be able to decrypt. You are the only one to have the other
key pair, right? In the opposite , you can certify that a
message is only coming from you, because you have encrypted
it with you private key, and only the associated public key
will decrypt it correctly. Beware, in this case the message
is not secured you have only signed it. Everybody has the
public key, remember! |
One of the problem left is to know the public key of your
correspondent. Usually you will ask him to send you a non
confidential signed message that will contains his publick
key as well as a certificate. |
Message-->[Public Key]-->Encrypted
Message-->[Private Key]-->Message |
|
The Certificate: |
How do you know that you are dealing with the right person
or rather the right web site. Well, someone has taken great
length (if they are serious) to ensure that the web site owners
are who they claim to be. This someone, you have to implicitly
trust: you have his/her certificate loaded in your browser
(a root Certificate). A certificate, contains information
about the owner of the certificate, like e-mail address, owner's
name, certificate usage, duration of validity, resource location
or Distinguished Name (DN) which includes the Common Name
(CN) (web site address or e-mail address depending of the
usage) and the certificate ID of the person who certifies
(signs) this information. It contains also the public key
and finally a hash to ensure that the certificate has not
been tampered with. As you made the choice to trust the person
who signs this certificate, therefore you also trust this
certificate. This is a certificate trust tree or certificate
path. Usually your browser or application has already loaded
the root certificate of well known Certification Authorities
(CA) or root CA Certificates. The CA maintains a list of all signed certificates as well as a list of revoked certificates.
A certificate is insecure until it is signed, as only a signed
certificate cannot be modified. You can sign a certificate
using itself, it is called a self signed certificate. All
root CA certificates are self signed. click here
to check the Certificate |
As You may have noticed, the certificate contains the reference
to the issuer, the public key of the owner of this certificate,
the dates of validity of this certificate and the signature
of the certificate to ensure this certificate hasen't been
tampered with. The certificate does not contain the private
key as it should never be transmitted in any form whatsoever.
This certificate has all the elements to send an encrypted
message to the owner (using the public key) or to verify a
message signed by the author of this certificate. |
|
|
|
|