45th Parallel Internet Services Banner


Forgot Your Password?
No Account? Register Here!

What Are TLS/SSL Certificates?

*** NOTICE ***
Sale of 2-Year TLS/SSL Certificates was discontinued effective August 31, 2020
More Information

AlphaSSL TLS/SSL Authorized Partner Image
GlobalSign TLS/SSL Authorized Partner Image

The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are the most widely deployed security protocols used today. They are essentially protocols that provide a secure channel between two machines operating over the Internet or an internal network. In today's Internet focused world, we typically see TLS/SSL in use when a web browser needs to securely connect to a web server over the insecure Internet. However, SSL will be replaced by TLS in early 2020 as SSL has experienced too many vulnerabilities. Transition from SSL to TLS will be transparent to users as those protocols are part of the computer operating system. A TLS/SSL Certificate will work with either TLS or SSL.

Technically, TLS/SSL is a transparent protocol which requires little interaction from the end user when establishing a secure session. For example, in the case of a browser, users are alerted to the presence of TLS/SSL when the browser displays a padlock or, in the case of an Extended Validation TLS/SSL, the address bar displays both a padlock and a green bar. This is the key to the success of TLS/SSL -- it is an incredibly simple experience for end users.

Extended Validation (EV) TLS/SSL Certificates
(Such As the GlobalSign ExtendedSSL)

Extended Validation EV TLS/SSL Example

Standard TLS/SSL Certificates
(Such As the AlphaSSL DomainSSL and GlobalSign DomainSSL and OrganizationSSL)

Standard TLS/SSL Example

As opposed to HTTP URLs which begin with http:// and use port 80 by default, HTTPS URLs begin with https:// and use port 443 by default.

The HTTP protocol is insecure and is subject to eavesdropping attacks which, if critical information like credit card details and account logins is exchanged between your website and a visitor/customer, it can be intercepted by a third party (a hacker) allowing the hacker to gain access to online accounts and sensitive information. Once that hacker gets the desired information, they can then pose as legitimate users on your website and use real names and passwords to access your visitor's accounts or worse. When data is either sent or posted through a browser using the HTTPS protocol, such information is encrypted and is secure. HTTPS encryption only allows hackers to see gibberish instead of readable text.

In practice, a TLS/SSL Certificate is needed to be installed on your website in order to use the HTTPS protocol which will allow you to encrypt your inbound and outbound transmissions for the following functions (not all inclusive):
  • To secure online credit card transactions — in 2018, 1.8 billion users purchased goods online spending over $2.8 trillion. TLS/SSL should have been used to secure each and every one of these transactions. Projections show that global e-retail sales are going to grow to up to $4.8 trillion by 2021.
  • To secure online system logins, sensitive information transmitted via web forms, or protected areas of websites.
  • To secure webmail and applications like Outlook Web Access, Exchange and Office Communications Server.
  • To secure workflow and virtualization applications like Citrix Delivery Platforms or cloud based computing platforms.
  • To secure the connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.
  • To secure the transfer of files over https and FTPS/SFTP services such as website owners updating new pages to their websites or transferring large files.
  • To secure hosting control panel logins and activity like Parallels, cPanel and others.
  • To secure intranet based traffic such as internal networks, file sharing, extranets, and database connections.
  • To secure network logins and other network traffic with TLS/SSL VPNs such as VPN Access Servers or applications like the Citrix Access Gateway.
All these applications have a number of shared themes:
  • The data being transmitted over the Internet or network needs confidentiality; in other words, people do not want their credit card number, account login, passwords, or personal information to be exposed over the Internet.
  • The data needs to remain integral, which means that once credit card details and the amount to be charged to the credit card have been sent, a hacker sitting in the middle cannot change the amount to be charged and where the funds should go.
  • Your organization needs to assure your customers/extranet users that you really are who you say you are and not someone masquerading as you.
  • Your organization needs to comply to regional, national or international regulations on data privacy, security and integrity.

It should be noted that Google (and possibly other internet search engines) will give priority in search results to secured websites using the https protocol and, in the future, may (or already does) give security warnings about non-secure websites using the http protocol, especially when using the Google Chrome browser. Other browsers may follow suit in the future. Such actions may decrease the number of visitors to your website and, if you are doing ecommerce on your website, adversely affect your bottom line.

Use Your Browser's BACK Function
To Return To The Previous Page
Copyright © 1997-2020 45th Parallel Internet Services
All Rights Reserved

Address Questions or Comments To Our Our

Sales Department

Powered By Apache