  Using security certificates on your web site
Certificates are a way of securing the transmission of private documents on the Internet using the Secure Socket Layer (SSL) protocol. Using security certificates, SSL creates a private key to encrypt data that is transferred over a secure connection. A certificate authority, such as Verisign, holds the certificate for a specific site so the client can verify a connection is authentic.
One advantage of SSL is that it is application protocol independent. This means a higher-level protocol can layer on top of the SSL Protocol transparently. Both Netscape Navigator and Intet Explorer support SSL, and many web sites use the protocol to obtain confidential user information, such as credit card numbers. By convention, Web pages that require an SSL protocol connection start with HTTPS, instead of HTTP and will have a browser lock(s) on the bottom of the secured web page:
 Internet Services supports SSL as a method of providing secure communication over the HTTP protocol. Internet Services supports SSLv2, SSLv3, and TLSv1 and both strong and weak (export) encryption levels but does not not support the use of IDEA encryption algorithms. You can create a security certificate for your FirstClass site or for individual protocols, such as SMTP, POP3, IMAP4, and LDAP. You enable certificates for POP3, IMAP4, or SMTP on the Advanced Mail form and LDAP on the Advanced Directory form.
Another option, is to purchase a wildcard certificate (for example, *.mysite.com) to cover multiple protocols. You can do this if the last part of the domain name is common (for example, http.mysite.com, mail.mysite.com, ldap.mysite.com, pop3.mysite.com and so on) and you properly request the certificate. If you have different domains you will need separate certificates for each. For example, if you are hosting different sites with different domain names on separate clusters you will need separate certificates for each. Check with your certificate authority first for the proper value of your certificate before you purchase it.
You must place all certificates in the SSL Certificates folder, located in the Internet Services folder on the administrator’s Desktop:
 There are different types of security certificates you can use to secure your site. Depending on the type of site (server) certificate you purchase, you may require one or more, since you can use multiple-site certificates in a multiple-domain environment. Speak with your certificate authority first to verify what type of certificates you require for your site.
Note
Site certificates are issued by certificate authorities, such as Verisign or Thawte (for a list of different certificate authorities check your browser options or do an Internet search).
To create a site (server) certificate, see Creating a site (or server) security certificate.
To create an intermediate certificate, see Creating an intermediate security certificate.
Note
Not all sites require intermediate certificates. You must check with your certificate authority to determine if you require this type of certificate.
|