- Worldstart's Tech Tips And Computer Help - http://www.worldstart.com -

Web Site Certificates

Can you please go over what Web site certificates are? I’m having a little trouble understanding their purpose. Thanks for all your help!

Wow, you guys come up with some really great questions! I have to tell you, the Q&A section of the newsletter is my favorite, because often times, the questions that are asked are ones that can help everyone. They’re not just about one person’s computer or about one specific problem someone is having. No, you all ask questions about very broad topics and that’s perfect for this part of WorldStart’s newsletter. We want to help as many people as we can and I truly believe we’re doing that by answering the questions you ask. And today’s topic is no exception. You asked about Web site certificates and that’s exactly what you’re going to learn all about today!

First of all, if a certain company or organization wants their Web site to use encryption and be secure, they must obtain a site (or host) certificate. If they don’t, they will not be registered as a secure Web site. So, how do you tell if a site is secure or not? Well, we’ve gone over this before, but let’s cover it one more time, just to be sure we’re all on the same page. There are two things you can check on to find out if a site is secure or not. The first is generally some type of lock or key symbol, usually located in the address bar. The second is how the Web site’s URL reads. On a secure site, the very beginning part will always be “https,” rather than just “http.” That extra “s” makes all the difference when it comes to security.

So, if you’re visiting a site, and you see either of those things, the site will have a certificate. Clicking on the icon in the address bar in either Internet Explorer or Firefox, will bring up a menu from which a certificate can be viewed.

Internet Explorer


Once you do that, a certificate dialogue box will pop up and you can read all about it. It will tell you the purpose of the certificate, who it’s issued to, who it was issued by and when it expires. (If the site you’re on just uses the “https” method, just double click in the area where the padlock usually sits. Doing that will bring up the same certificate box for you). For example, when you purchase something from WorldStart’s software store, the checkout page is secure. If you click the icon in the address bar of that page, you will be able to see our certificate.

Another way you can view a site’s certificate, is through your browser’s menu options. In Internet Explorer, go to File, Properties

In the Properties dialog box, click the Certificates button.

The same dialogue box will then come up for you.

In Firefox, go to Tools and select Page Info

Under the Security tab, click on the View Certificate button to see that site’s certificate.

That may be an easier way for you to access the certificate information.

Site certificates are mainly put in place to protect users from malicious attacks and identity theft. For instance, if we here at WorldStart didn’t have a certificate on our checkout page, hackers could get in and steal your credit card number and any other information they wanted from you. That goes for any Web site that sells products or asks you for any personal information. It’s very important to check the sites you visit, to see if they’re secure or not. If you don’t, you could be putting yourself at risk for big trouble. All you have to do is glance toward the top or bottom of your browser to make sure it’s protected. I mean, what’s a few seconds when it comes to your safety?!

If a Web site has a certificate, that means they have registered their site and everything has been approved. There are two things that have to be done before a site is approved. The certificate authority has to make sure the Web address given matches the address on the certificate, and they have to sign the certificate, so that it can be recognized as a trusted authority. You can look for both of those things when you look at a site’s certificate as well. So, I’m sure you’re probably wondering how much you can really trust a site’s certificate, right? Well, the trust you have for a site really depends on how much trust you have for the company you’re dealing with, but if all the information matches up and the date on the certificate is valid, everything should be just fine. The only other way to be sure, is to call the company yourself and check on their site regulations. It’s your call!

Now, there may be times when you run into a certificate error. That could be caused by various things, such as the names on the certificates not matching up, or if the certificate has expired. If an error occurs, you will always have the opportunity to look over the certificate and you can then either accept it for good, accept it for that particular visit only or you can choose not to accept it at all. From there, you can choose whether or not to trust the site. If you do, you can go about your business, but if you don’t, you should refrain from submitting any personal information. Along with checking on a site’s certificate, you should also read their Privacy Policy. Keeping yourself safe is the most important thing, and you should do whatever it takes to stay that way.

So, now that you know all about Web site certificates, you may want to go and check on some of your favorite sites. Are they secure? Check it out!

~ Erin