SSL Certificates
From Dev411: The Code Wiki
SSL server certificates the normal means web servers use to create a HTTPS encrypted channel with a web browser. SSL client certificates can be accessed by browsers to perform client authentication during an SSL handshake, however this is not popular nor the norm.
SSL encryption is important when transmitting sensitive information. Home banking and stock brokerage sites typically have their entire account website under SSL. Some other sites let you optionally choose to login sending your password under SSL but the rest of the information in your session is sent in the clear. Cookies can set secure so that they are only sent over an encrypted channel.
| Table of contents |
Commercial SSL Server Certificate Providers
Many SSL certificate providers charge an ongoing fee to receive and keep a SSL server certificate. The primary benefit for buying a commercial SSL server certificate is that the CA Root certificate from which the SSL server certificate is issued is embedded in more web browsers than a free one.
- GeoTrust (http://www.geotrust.com) (commercial)
- [http://www.thawte.com/ Thawte (owned by VeriSign) (commercial)
- VeriSign (http://www.verisign.com) (commercial)
Free SSL Certificate Providers
There are also a number of free SSL certificate providers. CAcert appears to be the most popular, having issued over 100,000 certificates (http://www.cacert.org/stats.php). So far, free CA's do not have their root certificates embedded in the popular browsers (IE, FireFox, etc.), however the do verify that you are responsible for the domain you request a certificate for. This is similar to what some commercial SSL certificiate providers do for verification. Perhaps browsers will start to install these root certs at some time in the future.
SSL Toolkits
SSL toolkits provide cryptographic capabilities and are used by software that need encryption. The OpenSSL toolkit is popular and used to provide HTTPS with webservers such as Apache and lighttpd.
- OpenSSL (http://www.openssl.org) (free, open source)
