You may recognise a secured website from the lock symbol on the browser bar. Various browsers have different ways of displaying that to users. One really should be aware of the advantages of using an SSL certificate for a website.
Cases where users fail to pay attention to the browser’s lock sign can lead to unforeseen circumstances. Entering any data into a website not protected with an SSL certificate could result in phishing or MITM attacks on users. At the same time website owner should also pay careful attention to the possibility that a website might not be protected.
There are many cases where reputable websites have forgotten to renew their SSL certificate resulting in man-in-the-middle attack. Microsoft team recently confirmed it went down for a couple of hours due to an expired SSL Certificate, during which time people tried to log in without knowing it wasn’t stable.
With that in mind, I ‘d like to show what users should check to make sure they visit a secure website. This has been made mandatory by the CAB forum to show website users information about certificates. A deployed SSL certificate successfully displays some relevant URL & Company information.
What does SSL Certificate Information contain?
- Duration of validity
- Name of Certificate Authority ( CA) Issued
- Subject Name (that contains information about the company, type of SSL Certificate and domain name for which SSL was issued.)
- Key Usage
- CRL info
- Underlying the encryption is signing and hashing algorithms.
You will find that information in your browser. This knowledge can differ in meaning from person to person. But it is best practise to check the information on the certificate before entering any data on a website.
How to search for information about SSL Certificates.
Below are the steps for checking information about SSL Certificates on various browsers. However, depending on the version of the browser few parts can alter. I listed the steps of the Browser edition.
Chrome Browser (Version – .79)
- Click in the URL Bar on the padlock. A drop-down will then appear, clicking on the correct section below the Certificate.
- The certificate window will appear in three tabs-General, Information and Certificate Route. General tab contains the validity information, the domain name and the name given by the Authority for Certificates. Details Tab contains all SSL information such as type SSL, key size, hashing data, domain for which certificate is issued, and so on. Finally, the Certificate Path tab displays certificate paths such as origin, intermediate, and certificate.
Mobile Chrome – (Version – .79)
- Click on the padlock icon, show a pop-up and then click the info.
- A window with the name of the certificate authority, cypher, protocol and algorithm information will appear after a click of the button.
- Now, click the details on the Badge. Here you can find all the information of the certificate such as common name, organisation name, time of validity, domain name , date of expiry etc.
Internet Explorer (Version – 11)
- Click on the padlock on the top right-hand side of the padlock and you will see some specifics of the certificate on the drop-down menu.
- Now click on the certificate view connexion and a new window will appear displaying all the information in the direction of the three tabs-General, Details and Certificate.
- Click on the URL Bar padlock icon and then click on the right arrow where you will find specifics of the certificate. Then click on the Dropdown window for more information.
- A Page Details window will then open where you will find more information about the identity of the website, the password, the keys, etc. Then click on the Certificate view to get more specifics on the information about the certificate.3) Now a Certificate Viewing window appears. You can see comprehensive SSL Certificate details here.
- Click the padlock icon in the URL bar and a dropdown window will appear showing specifics of the website identification.
- Now click on the view certificate under the Website Identification section.3) When you click on the view certificate, a right-hand window with detailed certificate information will appear.
Given that Google and other browsers have made strict safety standards and regulations, the hacker is becoming smarter every day. So checking the security of any website you visit before entering any information is best practise. Therefore, checking the SSL Certificate information on the website can help the user from scams, hacks and attacks of any kind.
Also, the website owner is advised to never compromise on protection of the website. Always protect a website with SSL Certificate and then update the certificate without fail, if you have a licence.