The Dangers Of SSL Certificates

SSL certificates are an important aspect of the Secure Socket Layer or SSL protocol system. The SSL system was brought in place to provide a safe and secure interchange of encoded information between a server and its client.

SSL certificates are given only to those sites that have implemented secure transaction connections.

What is SSL Certificate?

The SSL certificates are designed to provide information on the person who owns the certificate. All website owners should invest some time and effort in taking the SSL certification from the certificate authority or CA. This will show the web users that the owner has proven identity and therefore the website can be browsed without fear of being duped.

How to Get an SSL Certificate?

Website owners can buy authentic certificates from a certificate authority. These are mainly third-party vendors that authenticate the identity of the website and its owner/s. Verified owner/s receive a signed certificate which proves that the website owner is not involved in nefarious activities and that he/she promises to keep a secure and safe website for the users.

All website owners who receive the SSL certification should get their authentication chronicled in the public access list of the certificate authority. The web users can check the list for the website they wish to navigate. The certificate authority use RapidSSL, Comodo and VeeriSign.

Which is Better; a Self-Signed or Secure Certificate?

Many times website owners prefer to use a self-signed certificate as opposed to the ones signed by the certificate authority. The reason is that the former are charge-free whereas you have to pay for the latter. When website owners use self-signed SSL certificates they take the guarantee of providing safe and secure connections to all their users. However, since no authority has taken the guarantee of the website many users hesitate to do their transactions over such websites.

The Flip Side of SSL Certification

1. Gives Out Personal Information

SSL certificates are often held responsible for leak/theft of personal information. A person well-versed with SSL technology can easily steal information like credit-card numbers and other sensitive data like usernames and passwords. So people who use the internet for financial transaction should check the identity and legitimacy of the certificate authority as well.

2. Gives Information About the Host System

SSL certificates include information on the host computer system as well. A hacker can use this information to easily break into the host system and extract important and sensitive information. While using the website if you come to a page that shows you an unknown security certificate, then navigate away from the page without downloading it; else you may unwittingly lead a hacker to cause break-in on your system.

3. Makes Service Log Vulnerable

A server log is used as a track record of all the activities that take place on a particular server. Another disadvantage of having SSL certification is that it creates risk of exposure of the server log. Unrecognized certificate authorities can make use of the service log information for various misdeeds. Therefore, service logs should be protected by seeking SSL certificates from legitimate certificate authority.



This entry was posted in Web
Anubha Pandey