All access to the Crystal CMS control panel is secure. The SSL certificate we use to protect your data (and ours) is a RapidSSL 128 / 256 bit single root SSL certificate. RapidSSL.com owns the root used to issue RapidSSL certificates making it a stable SSL offering. RapidSSL is present in the IE 5.01+, Netscape 4.7+ and Mozilla 1+ browsers and many other new Windows and Mac based browsers and it includes a $10,000 warranty.
Please feel free to visit RapidSSL online to read more about their SSL certificates. We also have an FAQ on SSL below:
What is SSL?
What is a RapidSSL Certificate?
What is a Single Root SSL Certificate?
Can I see which Certification Authorities have their own Trusted CA root present in browsers?
What is SSL?
The SSL (and TLS) protocol is the Web standard for encrypting communications between users and SSL (secure sockets layer) e-commerce sites. Data sent via an SSL connection is protected by encryption, a mechanism that prevents eavesdropping and tampering with any transmitted data. SSL provides businesses and consumers with the confidence that private data sent to a Web site, such as credit card numbers, are kept confidential. Web server certificates (also known as secure server certificates or SSL certificates) are required to initialize an SSL session.
Customers know when they have an SSL session with a website when their browser displays the little gold padlock and the address bar begins with a https rather than http. SSL certificates can be used on webservers for Internet security and mailservers such as imap, pop3 and smtp for mail collection / sending security.
What is a RapidSSL Certificate?
RapidSSL Certificates uniquely enable businesses to obtain low cost 1+ year fully functional single root trusted SSL certificates and are ideal for websites conducting lite levels of ecommerce. RapidSSL.com owns the root used to issue the certificates, making RapidSSL both stable and far easier to install than a chained root install certificate.
RapidSSL lowers the barrier of entry for companies that want single root SSL security by providing immediately issued certificates at the lowest cost available.
What is a Single Root SSL Certificate?
When connecting to a webserver over SSL, the visitor's browser decides whether or not to trust the website's SSL certificate based on which Certification Authority has issued the actual SSL certificate. To determine this, the browser looks at its list of trusted issuing authorities - represented by a collection of Trusted Root CA certificates added into the browser by the browser vendor (such as Microsoft and Netscape).
Most SSL certificates are issued by CAs who own and use their own Trusted Root CA certificates, such as those issued by GeoTrust and RapidSSL.com. As GeoTrust and RapidSSL.com is known to browser vendors as a trusted issuing authority, its Trusted Root CA certificate has already been added to all popular browsers, and hence is already trusted. These SSL certificates are known as "single root" SSL certificates. RapidSSL.com, a subsidiary of GeoTrust, owns the Equifax root used to issue its certificates.
Some Certification Authorities do not have a Trusted Root CA certificate present in browsers, or do not use the root they do own, and use a "chained root" in order for their SSL certificates to be trusted - essentially a CA with a Trusted Root CA certificate issues a "chained" certificate which "inherits" the browser recognition of the Trusted Root CA. These SSL certificates are known as "chained root" SSL certificates.
Installation of chained root certificates are more complex and some web servers and applications are not compatible with chained root certificates.
For a Certification Authority to have and use its own Trusted Root CA certificate already present in browsers is a clear sign that they are long-time, stable and credible organizations who have long term relationships with the browser vendors (such as Microsoft and Netscape) for the inclusion of their Trusted Root CA certificates. For this reason, such CAs are seen as being considerably more credible and stable than chained root certificate providers who do not have a direct relationship with the browser vendors, or do not use their own root certificates to issue SSL certificates.
Can I see which Certification Authorities have their own Trusted CA root present in browsers?
Yes. Your browser contains a Trusted CA root certificate store. You can access this by opening Internet Explorer, then go to Tools, select Internet Options, select the Content tab, click Certificates, select the Trusted Root Certification Authorities tab. You will then see a dialog box presenting a list of all Certification Authorities who own their own Trusted CA roots (you can examine the root certificate by double clicking it):
GeoTrust owns the Equifax root (Equifax Digital Certificate services became GeoTrust in 2001).
RapidSSL.com's RapidSSL product owns its own root. RapidSSL.com uses a different Equifax root.