SSL/HTTPS

Keep your data secure - and your SSL-certificates under control.

SSL-Certificate Management

Because the management of SSL-certificates is far too important to be left to chance.

There is currently a shift taking place online towards a more secure web. The most fundamental way of keeping data secure, is encrypting it with SSL-certificates. This has resulted in an exponential demand for SSL-certificates, but at the same a need for ensuring a safe management of SSL-certificates in order to avoid business critical consequences.

Since the registration and management of domain names is a core part of the Ports Group business, managing SSL-certificates has for a long time been an integral part of our business.  At Ports Group, our aim is to ensure a safe handling of all assets we provide. Regardless if we manage your domain names and trademarks, or watch services, hosting services or SSL-certificates, we want to take the same responsibility.

SSL-Certificate Management at Ports Group gives you:

  • Holistic solution for domain names, DNS and SSL
    In our interface ports.management, you get an unprecedented holistic view of your SSL-certificates, domain names, hosting services and trademarks managed by us.
  • Strategic consultation and expertise
    We have the experience and expertise vital to be a corporate partner for the safe management of SSL-certificates.
  • Full browser compatibility
    All our certificates have the maximum browser compatibility.
  • Wide choice of certificates
    Ports Group provides certificates from Symantec, Digicert, Geotrust and Thawte, ensuring you can get the right certificate for your specific needs.
  • Minimizing the risk of certificates expiring as a result of human error
    In our SSL-certificate Management Service, we ensure that you get the proper information regarding renewals of your certificates. Thus making sure no certificate slips through the cracks of a large organisation.

The process:

Let our team of experts help you with a plan for a more secure certificate management.

  1. The analysis
    In collaboration with the client, we analyse their current certificate situation. Which certificates are there? From which providers? And so on. The analysis is summarised in a document containing a recommended action plan for optimizing the current certificate management.
  2. Creating control
    Based on the action plan, we enable the client to make sure every certificate is under control, with the aim of every certificate being managed by Ports Group for total control and security (see Consolidation)
  3. Ongoing certificate partnership with portfolio management
    Ports Group is a gold partner of Digicert, Symantec, Geotrust and Thawte – we have the ability to provide our clients with a smooth and secure certificate partnership, with one dedicated contact and safe management.

Consolidating SSL-certificates

SSL-certificates are usually registered:

  • At various points in time
  • For various periods
  • At different providers
  • By different people

This makes managing certificates, even across a small organisation, very difficult. Not to mention how complex it gets when it comes to larger organisations.

Our aim is to ensure the same secure management of SSL-certificates as with domain names and trademarks. For maximum protection against certificates failing because of poor management, our recommendation is to always consolidate your certificates.

Consolidating certificates is a process that is usually done in stages, in order to keep the current periods for which you have already paid for.

Based on the analysis of your current SSL-certificates (see analysis), we carry out a consolidation of your certificates in two stages:

    1. Transfer Digicert certificates
      Certificates issued by Digicert can immediately be transferred to our management, thus transferring the administrative responsibility from you to us. In our interface ports.management, you get a total overview of your SSL-certificates, domain names, trademarks and hosting services managed by us.
    2. Replacing external certificates when expiring
      Together with you, we will continuously replace external certificates in order to achieve the main goal of having all of your certificates managed by us.

MPKI for SSL

Powered by:

Through Ports Group, you can also have a MPKI (Managed Public Key Infrastructure) for SSL-certificates, powered by Digicert.

MPKI enables you to issue, install, inspect, remediate, and renew certificates into one scalable software suite.

With an MPKI at Digicert through Ports Group, you get total control, but without the hassle of being a direct client.

Benefits of having an MPKI through Ports Group:

  • All costs invoiced by Ports Group, instead of having to pay by credit card.
  • Strategic expertise regarding SSL-certificates provided by Ports Group.
  • Ports Group’s consultants can act as administrator if/when needed.
  • Simple, centralized bulk management for all certificate types.
  • The platform can customized to your organization’s unique infrastructure.

A brief history of SSL/HTTPS

Background
The use of SSL-certificates (Secure Sockets Layer) is as old as the Internet itself. When information started flowing online, it did not take long before a need arose to be able to ensure that no one could eavesdrop on potentially sensitive information.

SSL-certificates enable the encrypted HTTPS-protocol to be used instead of the “old” HTTP. The SSL-certificate is the “how” and the HTTPS-protocol (which you for example can see in your web browser’s address field on an encrypted site along with a padlock) is the “why”. That is why SSL and HTTPS are usually mentioned in the same sentence. To keep things simple, and avoid unnecessary confusion, we often refer to it as SSL/HTTPS.

Not using an SSL-certificate is like putting a letter in the mail using a transparent envelope, enabling everyone to see its content. An SSL-certificate encrypts and distorts the information, making it impossible to intercept the information between the sender and the receiver.

Traditionally, the recommendations for when to use an SSL-certificate used to be:

  • When you have an e-commerce site and handle orders and payments.
  • When you have a login on your website.
  • When handling sensitive information such as personal data.
  • When striving for confidence for your business and your products.

However, in today’s world, things are a bit different.

SSL/HTTPS today

The recent years’ exponential increase in Internet frauds – along with the emergence of the “fake news” phenomenon – has led to the macro trend we are now seeing with a move towards a more secure Internet.

The perhaps most evident example is the blogpost posted by Google back in 2014 where they introduced HTTPS as a ranking signal. A post that has become a modern classic. Google has since developed this aim, named ”HTTPS Everywhere”, and is with both carrot and stick increasing the number of sites using HTTPS in Google Search. The purpose is to provide its users with a more trustworthy result.

When it comes to SEO, Google is open about the fact that if two websites are equal in search results, but one has SSL enabled it may receive a slightly rank boost to outweigh the other. However, most perhaps most importantly, according to a recent survey from HubSpot Research, up to 85% of people stated that they will not continue browsing if a site is not secure.

As a result, the number of registered SSL-certificates has skyrocketed during the last years.

Consequently, nowadays the discussion is not about when to use an SSL-certificate, but when you dare not to.

Common questions surrounding SSL-certificates

“What types of SSL-certificates are there?”

Traditionally, you usually speak about the three levels of SSL-certificates – DV, OV and EV. However, not having an SSL-certificate is also a state that has to be included in the discussion in order to fully understand the value of having SSL-certificates altogether. It is important to note that the three different levels of SSL-certificates does not mean that the encryption of the traffic it is intended to protect is any different, what it means is that the validation process of setting up the certificate is different from each level. The higher the level, the more rigorous the validation process has been. At the same time, the higher the level, the more confidence the visitor/user of the certificate gets from the brand.

  1. Having no certificate
    Having no certificate on for example a website, means that the flow of information between the visitor of the site and the web server on which the site is hosted, is totally transparent. A good analogy of not using an SSL-certificate is that it is like putting a letter in the mail using a transparent envelope, enabling everyone to see its content.
  2. Domain Validation (DV)
    This is the lowest of all validations, meaning it is the easiest to obtain. The validation consists of the issuing certificate authority verifying that a contact at the domain in question approves the certificate request. Usually by email, but can also be done via alternate methods. The sole benefits are a speedy validation and a relatively low cost. The drawbacks are a higher risk of phishing and “man in the middle” attacks. Some issuers have gone as far as not issuing DV-certificates, due to a belief that the drawbacks of issuing domain validated certificates far outweigh the benefits.
  3. Organisation Validation (OV)
    OV-certificates is the level above DV-certificates. As the name implies, the validation process for an OV-certificate is more rigorous than a DV-certificate and includes verifying the organisation behind the request. This is usually done by first carrying out the steps of DV-validation process, and then adding a vetting of the requesting organisation, beyond the domain in question. This information is then displayed on the certificate, making the ownership of the certificate more transparent and the site more trustworthy.
  4. Extended Validation (EV)
    Have you seen a green adress bar on the browser when visiting a site? That is the most evident trace of an EV-certificate in use. As the name implies, the validation process for an EV-certificate is the most rigorous of the three. They take a bit longer to issue, but for organisations that want to achieve the highest level of trust possible for their visitors, using an EV-certificate is a must.

 

“What type of SSL-certificate should we have?”

One size does NOT fit all. The choice of which certificate suits your needs is dependent on a number of factors. On an external web for example, it might be a good idea to use an SSL-certificate of the highest level, an EV-certificate (Extended Validation), in order to gain the most trustworthiness possible for your site – and your brand. For other purposes, where the encryption itself is the only thing of importance, a lower level of validation might suit your needs. At Ports Group, we have the experience and expertise to guide you in your choice of certificates, and the safe management of your certificate portfolio.

 

“What happens when/if my SSL-certificate runs out?”

When a certificate is not renewed, the encryption is no longer ensured and therefore no longer secure.

SSL-certificates run for a finite period, from one to two years. A common misconception regarding SSL-certificates is that that they are “renewed”. In practice, an SSL-certificate needs to be replaced with a new one. However, in some cases a certificate needs to be replaced long before its expiration date.

The most evident use of SSL-certificates is the previously mentioned transition from HTTP to HTTPS on a website, recognizable by the nowadays iconic padlock in the browser address field. The effect of a non-functioning SSL-certificate for websites is painfully clear when it happens. The entire link structure on the site is based on HTTPS, not HTTP. When the SSL-certificate for the site is not renewed, the entire site becomes unreachable for visitors since the protocol is not supported.

However, many forget that SSL-certificates are not just used for encrypting the traffic between a website and its visitors. SSL-certificates are actually used in a number of different ways, for many different purposes. For example VPN-connections, cloud services, server to server communication and so on. Failing to manage SSL-certificates can affect a company’s entire infrastructure.

 

“What are the greatest risks associated with certificate management?”

  • Improper implementation
    Improper implementation can actually be worse than not having an SSL-certificate in the first place.
  • Poor certificate management
    Poor management of certificates can have business critical consequences. Everything from external effects such as unreachable websites and damaged reputation, to internal effects such as incapacitated employees and/or leaked confidential documents.

Is your site secure?

Do you know if your site has SSL today?

On our site besafe.online, we have created an analysis tool where you easily can check your site. Apart from SSL, the tool also checks for DMARC (a fundamental part of the protection against your domain being used for email fraud) and DNSSEC (a safer version of DNS that protects against dns hijacking).

Want to know more about SSL/HTTPS?

  • This field is for validation purposes and should be left unchanged.

When you contact Ports Group your personal data will be processed in accordance with our Privacy Policy.