User Manual

ManualsBrandsSiemens ManualsBuilding automationDesigo CC MP 5.0 BACnet Server, BACnet Protocol Implementation Conformance Statement (PICS), Basic Documentation

Cybersecurity Basics

SSL Certificates

20 | 85

A6V11646120_enUS_b_40

Types of SSL Certificates based on the Number of Domains they

Secure

The following certificates are based on the number of domains needs to be se-cured.

Single Domain Certificate

The single domain certificate secures one fully qualified domain name. For example, a

single domain certificate for www.example.com will not secure the communication for

mail.example.com.

Wildcard SSL Certificate

The wildcard SSL certificate secures an unlimited number of subdomains for a single

domain. For example, a wildcard SSL certificate for example.com will also secure

mail.example.com, blog.example.com, and so on.

Unified SSL Certificate/Multi-Domain SSL Certificate/SAN Certificate

The unified SSL certificate secures up to 100 domains using the same certificate with

the help of the SAN extension. It is especially designed to secure Microsoft Exchange

and Office Communication environments.

Once you choose what type of SSL certificate you require, you must obtain it from a

trusted CA.

Where you can get SSL certificates

Probably the most important part of an SSL certificate is where it comes from. SSL

certificates are issued by Certificate Authorities (CAs), organizations that are trusted to

verify the identity and legitimacy of any entity requesting a certificate.

The CA’s role is to accept certificate applications, authenticate applications, issue

certificates, and maintain status information on certificates issued.

You may also be able to purchase digital certificates from a domain name registrar or

website hosting provider.

Certificate authority (CA)

A certificate authority is an entity which issues digital certificates to organizations or

people after validating them. Certification authorities have to keep detailed records of

what has been issued and the information used to issue it and are audited regularly to

make sure that they are following defined procedures. Every certification authority

provides a Certification Practice Statement (CPS) that defines the procedures that will

be used to verify applications. There are many commercial CAs that charge for their

services (VeriSign). Institutions and governments may have their own CAs, and there

are also free Certificate Authorities.

Every certificate authority has different products, prices, SSL certificate features, and

levels of customer satisfaction.

Browser compatibility

The certificate that you purchase to secure your website must be digitally signed by

another certificate that is already in the trusted store of your user's web browser. By

doing this, the web browser will automatically trust your certificate because it is issued

by someone that it already trusts. If it is not signed by a trusted root certificate, or if

links in the certificate chain are missing, then the web browser will give a warning

message that the website may not be trusted.

So, browser compatibility means that the certificate you buy is signed by a root

certificate that is already trusted by most web browsers that your customers may be

using. Unless otherwise noted, the certificates from all major certificate providers listed

on SSL Shopper are compatible with 99% of all browsers.