User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Cybersecurity Basics

SSL Certificates

16 | 85

A6V11646120_enUS_b_40

The guidelines detailed in this document support a continuing process to achieve

Cybersecurity at system level.

1.4 SSL Certificates

SSL stands for Secure Sockets Layer, a global standard security technology that

enables encrypted communication between a web browser and a web server. It is

utilized by millions of online businesses and individuals to decrease the risk of

sensitive information (for example, credit card numbers, usernames, passwords,

emails, and so on) from being stolen or tampered with by hackers and identity thieves.

In essence, SSL allows for a private conversation between the two intended parties

only.

To create this secure connection, an SSL certificate (also referred to as a digital

certificate) is installed on a web server and serves two functions:

● It authenticates the identity of the website (this guarantees visitors that they are

not on a bogus site).

● It encrypts the data that is being transmitted.

SSL versus TLS

SSL and TLS generally mean the same thing. TLS 1.0 was created by RFC 2246 in

January 1999 as the next version of SSL 3.0. Most people are familiar with the term

SSL so that is usually the term that is used when the system is using the newer TLS

protocol.

SSL creates an encrypted connection between your web server and your visitors' web

browser allowing for private information to be transmitted without the problems of

eavesdropping, data tampering, and message forgery.

To enable SSL on a website, you need to get an SSL Certificate that identifies you

and you have to install it on your web server. When a web browser is using an SSL

certificate it usually displays a padlock icon, but it may also display a green address

bar. Once you have installed an SSL Certificate, you can access a site securely by

changing the URL from http:// to https://. If SSL is properly deployed, the information

transmitted between the web browser and the web server (whether it is contact or

credit card information), is encrypted and only seen by the organization that owns the

website.

“SSL Certificates are small data files that digitally bind a cryptographic key to an

organization’s details. When installed on a web server, it activates the padlock and the

https protocol and allows secure connections from a web server to a browser.”

Who may need an SSL certificate

Any individual or organization that uses their website to require, receive, process,

collect, store, or display Unrestricted or sensitive information. Some examples of this

information are:

● Logins and passwords

● Financial information (for example, credit card numbers, bank accounts)

● Personal data (for example, names, addresses, social security numbers, birth

dates)

● Proprietary information

● Legal documents and contracts

● Client lists

● Medical records