User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Cybersecurity Basics

SSL Certificates

20 | 88

A6V11646120_enUS_c_41

Unified SSL Certificate/Multi-Domain SSL Certificate/SAN Certificate

The unified SSL certificate secures up to 100 domains using the same certificate with

the help of the SAN extension. It is especially designed to secure Microsoft Exchange

and Office Communication environments.

Once you choose what type of SSL certificate you require, you must obtain it from a

trusted CA.

Where you can get SSL certificates

Probably the most important part of an SSL certificate is where it comes from. SSL

certificates are issued by Certificate Authorities (CAs), organizations that are trusted to

verify the identity and legitimacy of any entity requesting a certificate.

The CA’s role is to accept certificate applications, authenticate applications, issue

certificates, and maintain status information on certificates issued.

You may also be able to purchase digital certificates from a domain name registrar or

website hosting provider.

Certificate authority (CA)

A certificate authority is an entity which issues digital certificates to organizations or

people after validating them. Certification authorities have to keep detailed records of

what has been issued and the information used to issue it and are audited regularly to

make sure that they are following defined procedures. Every certification authority

provides a Certification Practice Statement (CPS) that defines the procedures that will

be used to verify applications. There are many commercial CAs that charge for their

services (VeriSign). Institutions and governments may have their own CAs, and there

are also free Certificate Authorities.

Every certificate authority has different products, prices, SSL certificate features, and

levels of customer satisfaction.

Browser compatibility

The certificate that you purchase to secure your website must be digitally signed by

another certificate that is already in the trusted store of your user's web browser. By

doing this, the web browser will automatically trust your certificate because it is issued

by someone that it already trusts. If it is not signed by a trusted root certificate, or if

links in the certificate chain are missing, then the web browser will give a warning

message that the website may not be trusted.

So, browser compatibility means that the certificate you buy is signed by a root

certificate that is already trusted by most web browsers that your customers may be

using. Unless otherwise noted, the certificates from all major certificate providers listed

on SSL Shopper are compatible with 99% of all browsers.

How many domain names can be secured

Most SSL server certificates will only secure a single domain name or subdomain. For

example, a certificate could secure www.yourdomain.com or mail.yourdomain.com but

not both. The certificate will still work on a different domain name, but the web browser

will give an error anytime it sees that the address in the address bar does not match

the domain name (called a common name) in the certificate. If you need to secure

multiple subdomains on a single domain name, you can buy a wildcard certificate. For

a wildcard certificate, a common name of *.yourdomain.com would secure

www.yourdomain.com, mail.yourdomain.com, secure.yourdomain.com, and so on.

There are also special certificates such as Unified Communications (UC) or Multi-

Domain SSL certificates that can secure several different domain names in one

certificate.