Websites|Web Hosting|Online Marketing|Training|Other Services
Why A Website?
Internet Statistics
Website Examples
About Us
Recommend Us
Support Forum

Get a Merchant Account

Click Here to get a Hassle Free Merchant Account Now.
Home arrow Other Services arrow SSL Certificates arrow SSL FAQs
SSL FAQ's

Are GeoTrust's certificates 128 bit?

Our certs are all 128-bit. For each and every session, the server and browser negotiate and choose the highest common encryption strength between them. So if a 40-bit browser user hits your SSL-secured site, the resulting connection will automatically become a 40-bit strength encryption.

GeoTrust recommends that end-user Subscribers select the 1024-bit encryption strength or the equivalent descriptor option when generating their certificate requests. When the certificate's key length is 1024 or longer, the SSL session key will be 128 bit. If the certificate key length is 512, the SSL session key will be 40 bit or 56 bit. If you are running Windows, see Microsoft's bulletin Q300398: "You install a 128-bit high encryption certificate onto Internet Information Server (IIS) version 4.0 or 5.0, then browse with a 128-bit enabled Web browser to IIS by using https://. However, the Web browser only makes a 40-bit or 56-bit Secure Sockets Layer (SSL) session with IIS (size 7927 bytes, updated 6/13/2001 12:54:00 PM GMT)"

Why do I need a separate IP address per domain that I want to secure?

You need to have a separate IP address for each domain you want to secure. The reason for this is because a certificate is bound only to a domain name but, the SSL protocol is bound to static IP addresses; therefore, any certificate-enabled web site must have its own unique IP address.The IP can be real (routable) or internal (RFC 1918 non-routable address) but, it must be unique on a server.

How does a server certificate work?

The end-user's browser requests a secure channel (via "https:") from the server, and then - if the server has a cert - the browser and the server negotiate their highest common encryption strength (e.g., 128-bits), and then exchange the corresponding encryption keys (this exchange is normally done using 1024-bit encryption strength). The 128-bit encryption key is then used for this particular instance of SSL, for all from-to exchanges between the browser and the server. The next https session will have a new session key. The certificate guarantees the security of the connection between the browser and the server. Once data is in the server, it is up to the server admin to make sure the data remains protected

 

Sign up for PayPal and start accepting credit card payments instantly.
© 2008 Aerowebworks
Joomla! is Free Software released under the GNU/GPL License.