With the rapid development of the Internet and the sharp increase in the number of Internet users, Internet security issues need more attention. Because it involves users' confidential information, even card number information, etc., SSL certificates are issued by trusted certification authorities (CAs), which can achieve high strength encrypted data transmission and prevent information from being monitored, intercepted and tampered in the transmission, It can also prove the authenticity of the website to users and prevent them from being attacked by phishing websites.
How to determine whether a website has deployed a secure SSL certificate?
Websites that can be accessed through https
If this website deploys an SSL certificate, the page that needs to be encrypted will automatically change from //to //. If it does not change, you think this page should be encrypted. You can also try to manually add an English letter "s" after the http in the browser address bar and enter. If you can access it normally and the security lock appears, This indicates that the website actually deploys SSL certificates, but there is no //link on this page; If it cannot be accessed, it indicates that this website does not have an SSL certificate deployed.
Open the browser to show that the visited website has a security lock sign. In addition to the security lock sign, the website bar of some websites also displays green and can visually see the name of the company to which the website belongs.
The browser has a built-in SSL certificate security verification mechanism, which is a universal international standard. When visiting the website, the browser will automatically verify the status of the SSL certificate. After confirmation, the browser will normally display the security padlock sign and https. If there is a problem, the browser will issue a corresponding "unsafe" warning, prompting the website that there is a problem with the security certificate.
"Unsecure" warning will appear in the address bar of websites where SSL certificates are not deployed
Google, Firefox, 360 and other browsers will issue an "unsafe" warning to HTTP websites that do not deploy SSL certificates, reminding users not to enter card numbers and other information on the website, which is easy to be stolen by attackers.
The SSL certificate is not issued by the Trusted Root Certification Authority. The browser will give a security warning
All browsers have a built-in list of "trusted root certification authorities", which records all trusted CAs that have passed WebTrust international authentication and are preset to all trusted CAs in the browser.
If the SSL certificate is not issued by the Trusted Root Certification Authority in the browser, the browser will have a security warning, The warning message of the browser is "The security certificate issued by this website is not issued by a trusted certification authority, and the security certificate problem may show an attempt to deceive you or intercept the data you sent to the server. It is recommended to close the webpage and not continue browsing the website".
SSL certificate revoked
If the certificate has been revoked by the certification authority, the warning message "The certificate of this organization has been revoked, and the security certificate problem may show an attempt to deceive you or intercept the data you sent to the server. It is recommended that you close this page and do not continue to browse the website.".
SSL certificate expired
If the SSL certificate has expired, the warning message "The security certificate issued by this website has expired or has not yet become effective. The security certificate problem may indicate an attempt to cheat you or intercept the data you sent to the server. It is recommended that you close this page and do not continue browsing the website.".
Did you learn the above contents? Security loopholes in the network world appear every day. Every citizen should understand and learn about security knowledge and security awareness. Welcome to exchange!
