With Internet Explorer

If your browser is Internet Explorer:

1. Go to the Web site for any online entity that needs secure communications, such as an online bank.
2. Follow the links to the first logon page. You do not need to logon.
3. Look at the URL. You should find that it begins with https instead of http. HTTPS is Secure HTTP, the version of HTTP that uses SSL.
4. Look at your Web browser's status line. You should see a symbol like a padlock. This shows that communications on this page use SSL.

   Some pages contain both secure (that is, encrypted) and insecure (unencrypted) information. If you view such a page, your browser might display a warning to this effect, and ask you if you want to continue. If you choose to continue, the padlock symbol disappears, because Internet Explorer does not treat such pages as secure. You will need to try some other HTTPS page to continue with this tutorial.

5. Double-click the padlock symbol. This displays the entity's certificate.

   Click the Certification Path to show the hierarchy of CAs from the one that issued the certificate up to the root CA.

   A Web site that was masquerading as the one you believe you've contacted could not fake a certificate, because no reputable CA, having checked up on them, would sign a certificate for them. And since the list of CAs in your browser includes only genuine, reputable CAs, there will be no match and your browser will reject their certificate.

   However, even for the most respectable organizations, you will sometimes find warning messages on the General tab saying that in some respects the certificate is faulty. This is because some detail on the certificate is incorrect - for example, the expiry date may have passed. It is up to you to look at the details on the certificate, and decide whether you trust the Web site despite this flaw.