Difference between revisions of "SSL Certificaten"

From Cncz
Jump to: navigation, search
([SSL certificaten][SSL certificates])
([Certificaten verkrijgen][Obtaining a Certificate])
Line 16: Line 16:
  
 
[nl]
 
[nl]
Omdat een SSL Certificaat gebruikt wordt als '''bewijs''' dat de website of server waarmee een client contact maakt valide is, kan niet zomaar iedereen een certificaat aanvragen voor een willekeurige domeinnaam.  De Certificate Authority controleert dat de aanvrager de rechtmatige eigenaar is van de domeinnaam waarvoor het certificaat wordt aangevraagd.  Domeinnamen die via C&CZ worden [[Domeinnaam registratie|geregistreerd]] komen op naam van de Radboud Universiteit te staan.  Voor zulke domeinnamen kan C&CZ ook een SSL Certificaat aanvragen.
+
Omdat een SSL Certificaat gebruikt wordt als '''bewijs''' dat de website of server valide is, kan niet zomaar iedereen een gesigneerd certificaat aanvragen voor een willekeurige domeinnaam.  De Certificate Authority controleert dat de aanvrager de rechtmatige eigenaar is van de domeinnaam waarvoor het certificaat wordt aangevraagd.  Domeinnamen die via C&CZ worden [[Domeinnaam registratie|geregistreerd]] komen op naam van de Radboud Universiteit te staan.  Voor zulke domeinnamen kan C&CZ ook een SSL Certificaat aanvragen.
 
[/nl]
 
[/nl]
  
 
[en]
 
[en]
SSL certificates are used as '''proof''' of the validity of the web site or server a client connects to.  Therefore it is not possible to acquire an SSL certificate for just any domain name.  The Certificate Authorities check if the person or organisation requesting a certificate is indeed the owner of the domain name for which the certificate is requested.  Domain names [[Domeinnaam registratie|registered] through C&CZ are always owned by the Radboud University.  Therefore C&CZ can also request SSL Certificates for these domain names.
+
Because SSL certificates are used as '''proof''' of the validity of the web site or server, it is not possible to acquire a signed SSL certificate for just any domain name.  The Certificate Authorities check if the person or organisation requesting a certificate is indeed the owner of the domain name for which the certificate is requested.  Domain names [[Domeinnaam registratie|registered] through C&CZ are owned by the Radboud University.  Therefore C&CZ can also request SSL Certificates for these domain names.
 
[/en]
 
[/en]
  
 
[[Category:Internet]]
 
[[Category:Internet]]

Revision as of 17:55, 20 November 2010

SSL certificates

Any service accessible via SSL (https) must have an SSL certificate. This includes any web server with encrypted or "secure" content. An SSL (Secure Socket Layer) certificate is a signed electronic guarantee that a particular server is the server it claims to be. Certificates are used primarily (but not exclusively) for providing web pages via an encrypted connection. A certificate is signed by a Certificate Authority (CA) which ensures the integrity of the certificate.

A few Certificate Authorities such as Verisign, Thawte, and GlobalSign are automatically trusted by SSL clients (including web browsers), so certificates signed by these companies are validated without user confirmation. Until recently C&CZ signed its own certificates but now all certificates of servers and web applications are signed by GlobalSign (through SURFdiensten). This means that the former root certificate of C&CZ (certificate.science.ru.nl) is no longer needed.

Obtaining a Certificate

Because SSL certificates are used as proof of the validity of the web site or server, it is not possible to acquire a signed SSL certificate for just any domain name. The Certificate Authorities check if the person or organisation requesting a certificate is indeed the owner of the domain name for which the certificate is requested. Domain names [[Domeinnaam registratie|registered] through C&CZ are owned by the Radboud University. Therefore C&CZ can also request SSL Certificates for these domain names.