Questions
Which
VeriSign SSL Certificates are capable of 128-bit encryption?
Which
VeriSign SSL Certificates are capable of 256-bit encryption?
Which
VeriSign SSL Certificates trigger the green address bar in high-security
browsers?
Which
VeriSign services are available to companies located outside the U.S.?
Can
I share SSL Certificates on multiple servers with the same domain name?
What
is Managed PKI for SSL?
Can
I purchase multiple certificates without buying Managed PKI for SSL?
What
are the responsibilities of the administrator for Managed PKI for SSL?
What
if someone from my organization orders a certificate directly from VeriSign
rather than from our Managed PKI for SSL administrator?
Do
I need software or hardware to manage SSL Certificates with Managed
PKI for SSL?
Answers
Which VeriSign SSL Certificates
are capable of 128-bit encryption?
All VeriSign SSL Certificates are capable of
128-bit SSL encryption as long as users have the right browser and operating
system.
Millions of Internet users worldwide use browsers
that will not connect at 128-bit encryption unless there is an SGC-enabled
certificate on the server. Other SSL providers claim to offer “128-bit
certificates,” but they do not offer 128-bit SSL encryption to the most
possible site visitors. VeriSign (including its subsidiaries, affiliates,
and resellers) is the leading SSL provider to offer SGC-enabled SSL
Certificates, which provide 128- or 256-bit encryption to over 99.9%
of Web site visitors. (SGC:
Strongest SSL Encryption.)
Which VeriSign SSL Certificates
are capable of 256-bit encryption?
All VeriSign SSL Certificates offer 256-bit
encryption if the browser and server software both support SSL encryption
at this level. Some browsers (such as Mozilla Firefox) and servers are
capable of 256-bit SSL encryption. When 256-bit-capable browsers and
servers connect to each other, all VeriSign SSL Certificates enable
a 256-bit session. A number of leaders in the e-commerce space use VeriSign
SSL Certificates to enable 256-bit SSL sessions today.
Which VeriSign SSL Certificates
trigger the green address bar in high-security browsers?
To trigger the green address bar, an SSL Certificate
must meet the Extended Validation Standard. VeriSign offers several
“EV” SSL Certificates:
Secure
Site Pro with EV: True 128-bit SSL with Extended Validation
Managed
PKI for SSL Premium EV: True 128-bit SSL with Extended Validation
Managed
PKI for SSL Standard EV: Standard encryption with Extended
Validation
Which VeriSign services are
available to companies located outside the U.S.?
VeriSign SSL Certificates are available for
purchase worldwide. If your business or servers are located outside
the United States, you can purchase our certificates from a VeriSign affiliate
in your country, purchase Secure Site or Secure Site Pro SSL
Certificates online directly from VeriSign, or contact
our sales department for Managed PKI for SSL services.
Can I share SSL Certificates
on multiple servers with the same domain name?
The VeriSign subscriber agreement prohibits
customers from using a certificate on more than one physical server
or device at a time, unless the customer has purchased the Licensed
Certificate Option. VeriSign’s licensing policy allows licensed certificates
to be shared in the following configurations: redundant server backups,
server load balancing, and SSL accelerators. See Licensing
VeriSign Certificates: Securing Multiple Web Server and Domain Configurations
for more information.
What is Managed PKI for SSL?
Managed
PKI for SSL is a service to purchase, issue, and manage multiple
SSL Certificates. It is recommended for any organization with more than
5 certificates. Your administrator buys multiple standard or true
128-bit SSL Certificates and issues them instantly as needed
to servers or domains using our Web-based management interface.
Can I purchase multiple certificates
without buying Managed PKI for SSL?
You can purchase as many SSL Certificates as
you need without Managed PKI for SSL, but managing enrollment, issuance,
and renewals of multiple certificates one-by-one is tedious and time-consuming.
The Managed PKI for SSL single point of control gives you one interface
with audit logs to manage certificates for your whole organization.
When you purchase certificates in multiples, you may save 20% to 40%
or more (depending on the number and type of certificates purchase).
Each certificate’s validity period begins when it is issued by the Managed
PKI for SSL administrator. See 10
Tips for Managing Multiple Servers for more information.
What are the responsibilities
of the administrator for Managed PKI for SSL?
The administrator for Managed PKI for SSL becomes
the SSL Certificate Authority (CA) for your domain. Using the Web-based
MPKI for SSL Control Center, the administrator can issue, renew, and
revoke certificates. The administrator also manages access privileges
and can customize enrollment pages. VeriSign manages the back-end services
in our state-of-the-art facilities.
What if someone from my organization
orders a certificate directly from VeriSign rather than from our Managed
PKI for SSL administrator?
During enrollment, VeriSign compares the domain
name listed in the Certificate Signing Request (CSR) to the domains
associated with all Managed PKI for SSL accounts. If someone from your
organization applies to VeriSign directly for a certificate, we notify
the user that your organization already has a Managed PKI for SSL account
and present the user with the option of continuing with either the "retail"
enrollment path or the Managed PKI for SSL enrollment path associated
with that domain name. “Domain blocking,” an optional feature for Managed
PKI for SSL customers, will disable the retail enrollment path.
Do I need software or hardware
to manage SSL Certificates with Managed PKI for SSL?
A Web browser with access to the Internet is
the only thing your organization needs to use Managed PKI for SSL or
Managed PKI for Intranet SSL. VeriSign provides the rest. Managed PKI
for SSL service components are accessed using SSL encryption and 2-factor
authentication.
Worldwide Sites
