Website Security Certificates
Have you ever seen website security certificates ? Green or Red Padlock?
You may all have seen those little red or green padlock icons in the address bar of a web browser.
Some web pages show it with the red padlock and a red stroke and some show it with a locked green padlock.
What exactly is the difference and why does the browser display these padlocks like that?
These icons show the status of the web page certificates.
A certificate is a digital identity file that proves the identity of the web page. We use it to prove to our visitors that the website is genuine. When you see the green locked padlock you can feel safe: Attackers have not compromised this website. The web page is indeed what it appears to be.
How do malicious users attack websites ?
Malicious attackers could somehow redirect the domain name that you typed to their own servers. These servers have the content that the attacker has chosen. It may be a copy of the genuine page only with such interventions to enable their malicious cause. For example, you could be trying to buy something from the page’s online store and find yourself actually giving away your credit card information to the attackers.
A certificate would prove that the page is genuine and you are safe when accessing this web site.
How can you use website security certificates to improve security ?
…and why should you trust the certificate and the green padlock?
To make your page more secure and provide your visitors with assurance that they are accessing your genuine site and that you are not the victim of hacking i.e. you are protecting your users information, you can install a certificate on your page.
To do this, you provide details about the web page to a trusted authority. This authority “certifies” your web site by providing you with a digital file called the certificate.
This authority (certification authority) is one of a few widely known companies which provide the relevant technology. They have some information stored in all the common browsers which enable the browser to check the validity of a certificate.
How does the certificate work ?
When you access a web page, your browser always checks if there is a certificate on this web page.
If it does not find one, then the page is “insecure” i.e. you are not assured and the red open padlock appears. This is the case with many web pages today.
If the browser finds a certificate on the page, then it will check the validity of that certificate using the stored information by the relevant authority. If the certificate is valid, then the green padlock appears and the web site is “trusted by the browser”. This means that it has passed the identification check. You can now be assured that this web page is genuine.