SSL Certificaten

From Cncz
Jump to navigation Jump to search

SSL certificates

Any service accessible via SSL (https) has to have a SSL certificate, including any web server with encrypted or "secure" content. An SSL (Secure Socket Layer) certificate is a signed electronic guarantee that a particular server is the server it is claiming to be. They are used primarily (but not exclusively) as part of providing web pages via an encrypted connection. A certificate is signed by a Certificate Authority (CA) which ensures the integrity of the certificate.

A few Certificate Authorities are, by default, trusted by SSL clients (including web browsers), ie. Verisign, Thawte and GlobalSign, so certificates signed by these companies are validated without user confirmation. Until recently C&CZ signed its own certificates but now all certificates (through Surfdiensten) of servers and webapplications are signed by GlobalSign. That means that the former root certificate of C&CZ ( is no longer needed.

Obtaining a Certificate

SSL certificates are used as proof of the validity of the web site or server a client connects to. Therefore it is not possible to acquire an SSL certificate for just any domain name. The Certificate Authorities check if the person or organisation requesting a certificate is indeed the owner of the domain name for which the certificate is requested. Domain names [[Domeinnaam registratie|registered] through C&CZ are always owned by the Radboud University. Therefore C&CZ can also request SSL Certificates for these domain names.