CERTIFICATE AUTHORITIES.
Operating a secure server addresses two issues: proving that you (the server
operator) are who you say you are, and preventing data from being intercepted
and decoded by a less than nice person. A certificate authority is a
company such as Verisign or Thawte. Its role is to grant the
certificate to the site operator, and in doing so guarantee to the visitor
to the site that they are in fact at a site owned and/or operated by the
company that purchased the certificate.
The Certificate Authority has rules and regulations regarding the issuance
of certificates, such as only granting a certificate to the company
designated as the owner of the domain. This would preclude someone from
trying to get a certificate claiming they are a well-known company, unless
they are in fact authorized by an officer of that company to obtain the
certificate.
OBTAINING A CERTIFICATE.
The exact steps involved in getting a certificate to install on your
site vary depending on which web software package you are running. The
general idea is this:
1. Generate a Certificate Signing Request (CSR). The method to
   create this information varies from server to server, but the result
   is the same: a strange-looking mush of numbers and letters
   that contains information such as company name, address, server name,
   state and so on. You will need to know which Certificate Authority
   you will be using.
2. Follow the procedures outlined at the Certificate Authority for
   submitting your CSR. Be sure to complete all information accurately,
   as any mistakes will delay processing.
3. Wait... The Certificate Authority will do a little investigation
   to make sure you are in fact who you claim to be!
4. Install your certificate. Again, this procedure will vary from
   server to server. Each secure server package has some type of utility
   that allows you to install a certificate on the server.
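The CSR-generation step above, carried out with the OpenSSL command-line
tool, as an added example that is not part of the original page. The file
names, key size and subject values (company, state, server name) are
constructed placeholders; your server package may use its own utility.

```shell
#!/bin/sh
# Added example: generate a private key and a CSR, then check the CSR
# before sending it to the Certificate Authority.
# All names and subject values below are constructed placeholders.

# make_csr DIR: write DIR/server.key (private) and DIR/server.csr (to submit).
make_csr() {
    dir=$1
    # The private key never goes to the CA; create it readable by owner only.
    ( umask 077; openssl genrsa -out "$dir/server.key" 2048 2>/dev/null ) || return 1
    # The subject carries the company name, location and server name.
    openssl req -new -key "$dir/server.key" -out "$dir/server.csr" \
        -subj "/C=US/ST=Illinois/L=Springfield/O=Example Widgets Inc/CN=www.example.com"
}

# csr_subject CSR: decode the "mush" and print the subject fields it contains.
csr_subject() {
    openssl req -in "$1" -noout -subject -nameopt RFC2253
}

# csr_self_check CSR: the CSR is signed with its own key; confirm it is intact.
csr_self_check() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q "verify OK"
}

# csr_matches_key CSR KEY: confirm the CSR was made from this private key,
# so the certificate that comes back will work with the key on the server.
csr_matches_key() {
    from_csr=$(openssl req -in "$1" -noout -pubkey) || return 1
    from_key=$(openssl rsa -in "$2" -pubout 2>/dev/null) || return 1
    [ "$from_csr" = "$from_key" ]
}

# Demonstration in a scratch directory.
demo_dir=$(mktemp -d)
if make_csr "$demo_dir"; then
    csr_subject "$demo_dir/server.csr"
    csr_self_check "$demo_dir/server.csr" && echo "CSR signature OK"
    csr_matches_key "$demo_dir/server.csr" "$demo_dir/server.key" && echo "CSR matches key"
fi
rm -rf "$demo_dir"
```

Only the `.csr` file is submitted to the Certificate Authority; the `.key` file stays on the server.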
If you are curious, after spending a couple of hundred bucks or so,
this is what you get back: