<p>1.&nbsp; What is the difference between various types of SSL digital certificates?</p> <p>How do I make a choice?The SSL digital certificates used for HTTPS of websites are currently divided into three types: DV SSL, OV SSL, and EV SSL. The differences are briefly described below.</p> <table border="1" cellpadding="1" cellspacing="1"> <tbody> <tr> <td> <p>Certificate</p> </td> <td> <p>DV SSL</p> </td> <td> <p>OV SSL</p> </td> <td> <p>EV SSL</p> </td> </tr> <tr> <td> <p>Recommended User</p> </td> <td> <p>Individuals</p> </td> <td> <p>Orgs. &amp; Enterprises</p> </td> <td> <p>Large Orgs. &amp; Enterprises</p> </td> </tr> <tr> <td> <p>Public trust level</p> </td> <td> <p>Normal</p> </td> <td> <p>High</p> </td> <td> <p>Very High</p> </td> </tr> <tr> <td> <p>Verifications</p> </td> <td> <p>Web Site</p> </td> <td> <p>Org. &amp; company validation</p> </td> <td> <p>Strictest validation</p> </td> </tr> <tr> <td> <p>Security</p> </td> <td> <p>Normal</p> </td> <td> <p>High</p> </td> <td> <p>Very High</p> </td> </tr> <tr> <td> <p>Trust Level</p> </td> <td> <p>Normal</p> </td> <td> <p>High</p> </td> <td> <p>Very High<br /> (green address bar)</p> </td> </tr> </tbody> </table> <p>2.&nbsp;How is an SSL digital certificate deployed on the server?</p> <p>First, log into the Ping An Cloud management console.</p> <p>Secondly, on the Certificates Service - Purchase Certificate page, find the relevant certificates that have been issued and click Download under the Operation column.</p> <p>On the My Orders page, find the relevant certificates that have been issued and click Download.</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pacloud/20180612162140-12c802d5946a.png" style="height:326px; width:830px" /></p> <p>On Download Certificate page, download the server certificate, select a different server type, view the detailed deployment steps, and follow the steps to deploy and install the certificate to get HTTPS trusted access to the website.</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pacloud/20180612161539-1e02240f9578.png" style="height:480px; width:830px" /></p> <p>3. What if the SSL certificate expires?</p> <p>After the SSL digital certificate expires, you will not be able to continue using it. You need to renew your certificate before it expires. After the renewal, the Certificates Service system will copy the information of the current certificate order to the renewal one, and automatically submit the renewal certificate order for review.</p> <p>After the review, you will receive a new digital certificate, and you need to install it on your server to replace the one that is about to expire.</p> <p>4. How does the browser check if the SSL certificate is working properly?</p> <p>The SSL digital certificate must be issued by the &quot;trusted root certificate authority&quot; in the browser after verifying the identity of the server, with dual functions of website authentication and encrypted transmission.</p> <p>After configuring the SSL digital certificate, if you can access your website using https://, it means that the website has deployed an SSL certificate.</p> <p><strong>Steps</strong></p> <p>In the browser address bar, enter https:// + the domain name to which your digital certificate is bound (eg. https://pinganyun.com).</p> <p>Press Enter to access your website via HTTPS.</p> <p>If the website page can be accessed normally, and the security lock flag is displayed in the address bar of the browser, it indicates that your SSL digital certificate has been successfully deployed.<br /> &nbsp;</p> <p>5.&nbsp;What are the formats of mainstream digital certificates?</p> <p>In general, mainstream Web service software is usually based on OpenSSL and Java (2 basic password banks).</p> <p>Web service software such as Tomcat, Weblogic, and JBoss generally uses the password bank provided by Java. Certificate documents in the format of Java Keystore (JKS) are generated using the Keytool in the Java Development Kit (JDK).</p> <p>Web service software such as Apache and Nginx generally uses the password bank provided by OpenSSL to generate certificate documents in the formats of PEM, KEY, CRT, etc.</p> <p>IBM&#39;s Web service products, such as Websphere, IBM Http Server (IHS), generally use the iKeyman that comes with IBM products to generate certificate documents in the format of KDB.</p> <p>The Internet Information Services (IIS) in Microsoft Windows Server use the certificate bank that comes with Windows to generate certificate documents in the format of PFX.</p>
Did the above content solve your problem? Yes No
Please complete information!

Call us


Email us


Online customer service

Instant reply

Technical Support

cloud products