What is SSL?

SSL (Secured Socket Layer), is used for sending and receiving sensitive information such as Credit Card information across the World Wide Web. It ensures encrypted/secure communications between the client and receiving server. The SSL protocol supports the use of a variety of different cryptographic algorithms, or ciphers, and most of which provide 40, 56, or 128 bit encryption security.

Key-exchange algorithms like KEA and RSA key exchange govern the way in which the server and client determine the symmetric keys they will both use during an SSL session. The most commonly used SSL cipher suites use "RSA" key exchange, which many of you have probably seen displayed on numerous web sites, and next to a provider called "Thawte", who issues the SSL Server Certificates. A certificate is used to officially identify you as a legitimate SSL enabled web site, and displays your name as the certified holder when visitors check it.

When to use SSL?

SSL is not generally, nor should it be used for all pages on a web site. SSL is most commonly used for the sending and receiving of sensitive information such as credit cards, membership ID's, or customer billing information access. SSL need only be used on the "particular" page where the secure activity is taking place. ALWAYS use SSL when asking for credit card information. If visitors do not observe the https// appearing on the form URL, and the "SSL Symbol", does not illuminate in their browser, they won't be doing a whole lot of business with you. No one wants his or her credit card information intercepted and stolen as the result of a site not using SSL encryption!
 

SSL Usage:

There are two different ways of using SSL. The two are essentially the same, however one will display "1GigHost Hosting" as the certificate holder, which we would call "Shared SSL", and the other, (which you must purchase) displays "your company" as the certificate holder, "Standard SSL". Essentially, when visitors click on an SSL enabled page, they receive a message that displays information about the owner of the SSL certificate. In most cases, e-commerce based websites would prefer to have 'their' name appear as the holder because it maintains a professional appearance. Alternatively, and if it matters not, you could simply use our default SSL server, however visitors will see "1Gig Web Hosting" as the owner of the certificate. We'll explain how to obtain your own certificate later in this document.
 

Shared SSL:

All of our web hosting packages are SSL enabled. Use of our Shared SSL system is included in your account package. Each server has an individual secure certificate installed. To call a page using SSL, simply enter https://1gighost.com/~username/anypage.html (n = see server list for correct URL for the server your site is on, username = your account username).

When page appears, and you'll observe a "Small Lock" symbol appearing in the bottom of your browser (left for Netscape, right for Internet Explorer). This is to verify that you are now officially in SSL secure transaction mode. At this point, any information sent or received from this page is encrypted between you and our server.

Standard SSL:

Note: Please make sure the package you are on includes having your own SSL in the features.

In order to setup Standard SSL certificate on your website, you will first need to obtain a certificate.

 We are a vendor for Instant SSL and will need the following data in order to generate a CSR for the new SSL certificate. We will also require additional documentation to verify the business address. This will be requested after the CSR is generated. This usually includes a copy of business license, utility bill, copy of canceled check or any other document to verify the actual business address.
 

Please mail the below information to us at secure@1gighost.com :

1. Email Address the Certificate will be sent to. (Info displayed to your clients on certificate also)
2. Host to make cert for (the exact site URL for certificate)
3. Any one of the following:
4. Country (2 letter Abbreviation)
5. State
6. City
7. Company Name
8. Company Division
9. E-mail
10. certificate  password

Once we have received these information, CSR will be sent to you. You can take that to the certificate vendor and buy the certificate. You will receive two files for the certificate from the vendor, .crt and .key, please send us both files by either attaching them to the email or by copying all the content into the message body.

If the SSL vendor asks for web server information, please choose "Apache-Mod SSL" or similar.

We will inform you when the certificate has been installed. After that you should be able to access your site using https://yourdomain.com.