Which SSL certificate to choose?
First, there are different types of SSL certificates:
- Validation Domain is the typical certificate and usually the cheapest. These certificates allow basic encryption, are issued very quickly and require a simple verification for domain ownership.
- Coporate Validation: These certificates include the authentication of the company and / or organization owning the domain.
- Extended Validation: With this type of validation, the CA performs an in-depth review of your business before issuing the certificate. This SSL certificate offers the highest degree of security.
Enable SSL certificate
There are as many possibilities as hosting and the procedure is different depending on your provider (dedicated, VPS, Shared, …)
For shared hosting, ask your hosts, some offer SSL certificates in their offers.
Attention to the fault SSL3 POODLE
A Google team recently highlighted a security flaw in the SSL protocol used to encrypt data exchanges between a browser and a website. Implementation, it allows a hacker to impersonate his victim and access private data on a service such as a webmail or the server of a bank.
This SSL vulnerability has been dubbed “POODLE” for Padding Oracle On Downgraded Legacy Encryption. It uses an old version 3 of the SSL protocol, released 15 years ago, which provides the encryption of a transaction. Another more robust and widespread method exists nevertheless: TLS 1.0. However websites still use SSLv3 to ensure compatibility with Internet Explorer 6 in Windows XP. Especially the technique can simulate a connection problem and force a browser to switch from TLS to SSLv3. More information on this SSLv3 Poodle vulnerability.
In conclusion, to guard against it, you will have to disable the SSL v3 on your server.
Finally to check the quality of your SSL certificate, simply test your domain on https://www.ssllabs.com.
Source : wpformation