It is the HTTPS protocol which manages these security measures. On the Internet, you browse on a “non-secure” site if it uses the HTTP protocol (url header), and on a secure site if it uses the HTTPS protocol. For example :
Not secure : : http //www.domain . | Secure : : https//www.domain .
Internet browsers know how to recognize the SSL certificates present and establish an encrypted connection between the Internet site hosted on the secure web server and the site user.
In most cases, the verification process takes less than 24 working hours after receipt of proof of identification to validate the certificate. Extended Validation may, however, take longer, due to additional verifications or if Sectigo requests additional information or additional documents.
SSL certificates must be renewed annually. The “automatic” SSL certificates will also be renewed automatically each year.
SSL certificates work on a chain of trust principle, from a Root certificate held by a certification authority to the certificate installed on your server.
Without an intermediate certificate, some old browsers or Firefox can “misinterpret” the certificate.
Gandi provides its certificates from an “intermediate” certificate, or an heir of the “trust” of the “root” certificate of the Certification Authority.
This allows us to reduce the risks because in this way all the certificates provided by Gandi can be revoked and re-validated without revoking the root certificate, in case the security of the intermediate certificate is compromised. Most online traders use intermediate certificates for this reason.
You can find more information about Root certificates on the dedicated article on Wikipedia.
You can download and install the Gandi intermediate certificate (also called Operational Certification Authority) at the same time as your SSL Certificate so that visitors to your site (at least their browser) can download it automatically and validated from the trust. Instructions for downloading the intermediate certificate are provided with those for downloading your certificate (it is downloadable directly from the same page as the SSL certificate itself).
Our certificates are linked to one (or more) domain or subdomain names and not to an IP address specific to a server hosting the security service.
In fact, if the protected sites are distributed over several servers, or if you have the same site on several web servers (Failover, load balancing, etc.), only one certificate is necessary, you can therefore install the same certificate on several servers. Just check that the installed certificate covers the addresses protected by the certificate on the server concerned.
You will need to use a “Wildcard” or “Multi-domain” certificate if you want to secure multiple domains / subdomains.
Otherwise, certificate errors may occur.
Yes, you can install your certificate on the server of your choice (apart from the free automatic certificates from Simple Hosting) since the certificate is linked to the domain name and not to a specific host.
For it to be validated, however, the DNS must be up to date and the corresponding domain name must refer to the host on which it is installed.
Generally, it will be necessary to have “root” or administrator rights on the server concerned to install an SSL certificate.
To protect the user, you have the possibility (from the Pro certification level) to add additional insurance in case the security of the certificate is compromised.
This insurance will cover the financial losses caused by the breach.
This additional service, the ability to display it on your site via the certification logo, gives your customers the assurance that the transaction is secure and guaranteed.
Providing secure and insured transactions makes the management of your business safer, safer to use for your customers and produces added value.
Be careful, however, this guarantee only covers a flaw in the certificate, not the site itself.