Q: What is SSL?
A: Secure Sockets Layer (SSL) is a protocol for enabling data encryption on the Internet and for
helping web site users confirm the owner of the web site. SSL is most commonly used to protect
communications between web browsers and servers. However, it is increasingly used for server to
server communications and for web-based applications.
Q: How long does enrollment take and how soon will I be able to secure my site?
A: An SSL certificate may be issued within minutes of submitting your enrollment information as
long as the information is correct and the authorized administrator responds promptly to the
confirmation email. RapidSSL® Certificates and RapidSSL® Wildcard both use an authentication
process to verify domain control validation.
Q: What is domain control validation?
A: RapidSSL will confirm domain control by sending an email to the administrator listed with the
registrar for the domain. If the authorized administrator does not reply, a second email will be sent
to an email address at the domain such as info@ or support@. (You may select a secondary email
address during the enrollment process.) In addition to validation by email, you will be asked to
provide a telephone number where you can be reached immediately after submitting your
enrollment. If everything checks out, the SSL certificate is issued.
Q: What is encryption and why are there different levels?
A: Encryption is a mathematical process of coding and decoding information. The number of bits
(40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key
has more possible combinations. When an encrypted session is established, the encryption level is
determined by the capability of the web browser, SSL certificate, web server, and client computer
Q: How do web site visitors know if a web site is using SSL?
A: When a browser connects to a secure site it retrieves the site's SSL certificate and checks that it
has not expired, that it has been issued by a Certificate Authority the browser trusts and that it is
being used by the web site for which it has been issued. If it fails on any one of these checks the
browser will display a warning to the end user. If it succeeds, several security indicators are built
into modern browsers to indicate that SSL is enabled.
• The beginning of the URL or web address changes from http:// to https://
• A padlock on the browser window changes from open to closed
• The address bar will turn green and display the name of the web site owner when connecting
to a web site protected by an Extended Validation SSL certificate.
In addition, a trust mark such as the RapidSSL site seal may be added to web pages on a secure site.
Q: What does browser recognition mean?
A: When a browser or operating system encounters an SSL certificate, it checks to make sure that
the certificate is valid and trusted. An SSL certificate is trusted if it is signed by a “trusted” or pre-
installed root certificate. If a browser that does not contain the root CA certificate used to issue the
SSL certificate, a security warning will alert them.
Q: What is a certificate signing request or CSR?
A: A CSR is a public key that you generate on your server according to your server software
instructions. (If you do not have access to your server, your web host or Internet service provider
will generate it for you.) The CSR is required during the SSL certificate enrollment process because
it validates the specific information about your web server and your organization.
Q: What is a public/private key pair?
A: SSL uses unique cryptographic key pairs: each key pair consists of a secret private key and a
related public key. Information encrypted with a public key can only be decrypted with the
corresponding private key, and vice-versa.