您的 IP 地址: 未知 · 您当前的状态: 受保护未受保护的未知
博客 How-To

What You Should Know About Web Certificates

Christina Craig

Christina Craig

Dec 21, 2016 · 3 min read

What You Should Know About Web Certificates

The internet can be a wonderful place to learn about anything at all and be entertained for hours on end. However, it can also be a dangerous place, one where you can get all your sensitive information stolen. You may think that you are visiting a safe website, but in fact it could be one designed to steal all your information—and money.

Because of this situation, websites are required more and more to have certificates to prove that they are 100% secure. In fact, Google has already given warning that any site without HTTPS will be marked as ‘unsafe.’ HTTPS is a safer version of HTTP.

Where HTTP is simply a way for a browser to talk to a server (and thereby show you a website), HTTPS will make sure that communication is first encrypted.  You can see whether a website is secure by checking if there’s a green padlock at the top next to the site address.

If a site wants to be marked as ‘safe,’ it needs to have a certificate from a trusted source.

What are website certificates?

An HTTPS website means that the site is being secured with SSL (Secure Socket Layer). This means that any data that is being sent between your browser and the server is encrypted and that the website is what it claims to be. This helps protect your private information (such as bank account or credit card information, password, social security numbers, etc.) from any prying eyes.

The website has to prove that it is legitimate to your browser. It presents its security certificate, and the browser (which has a list of trusted certification bodies) will accept this certificate or reject it. If the site’s security certificate is rejected, that means that the website is probably a fake. This happens a lot in phishing scams or other methods used to steal your information.

Where do certificates come from?

There are many Certificate Authorities (CAs) to choose from. E-commerce website owners have to pay these CAs to verify that they are the owners of the website. CAs need to first set up a trusted infrastructure on the destination site and validate the identity. To validate the site owner’s identity, they will ask to have the site’s DNS (Domain Name Server) settings updated, or confirm through the site’s email address.

This, of course, involves a certain cost, and depending on the level of security and certification, the costs can be in the thousands of dollars. Some popular CAs are Norton, Microsoft, GoDaddy and others. Each web browser, such as Chrome, Internet Explorer, Safar, Firefox and others, keep their own lists of trusted CAs.

There are also free CAs, but they may not be trusted by the various web browsers.

What should you do if you see a certificate warning?

From time to time, you’ll see a certificate warning stating that “the site’s security certificate is not trusted.” You should by no means just carry on and enter the site.

Instead, first try to determine exactly why the certificate was rejected. With this information, you can decide whether or not you’d like to continue on to the site. This could be because the site received its certificate from a free CA. For the most part, however, you shouldn’t continue.

This is especially true if the site’s certificate is revoked. This means that the certificate used by the site is fraudulent, and you should definitely not trust it.

As with everything else on the internet, you should always be vigilant when going to sites that require you to input sensitive information. This will save you a lot of stress and tears later on.

Please note that if you are getting the invalid security certificate error message when trying to access the NordVPN website, you are not reaching the real NordVPN server. This could be because either your ISP or your network administrator is attempting to perform eavesdropping or a man-in-the-middle attack. To find out more, please visit our Help Center.