Previous Topic Next topic Print topic


With Mozilla Firefox

Restriction: This topic applies only when the Enterprise Server feature is enabled.

If your browser is Mozilla Firefox:

  1. Go to the Web site for any online entity that needs secure communications, such as an online bank.
  2. Follow the links to the first logon page. You do not need to logon.
  3. Look at the URL. You should find that it begins with https instead of http. HTTPS is Secure HTTP, the version of HTTP that uses SSL.
  4. Look at your Web browser's status line. You should see a symbol like a padlock. This shows that communications on this page use SSL.

    Some pages contain both secure (that is, encrypted) and insecure (unencrypted) information. If you view such a page, your browser should display a warning to this effect, and ask you if you want to continue. If you choose to continue, the padlock symbol appears with a line through it, because Firefox does not treat such pages as secure. You can still view the certificate though.

  5. Double-click the padlock symbol.
  6. On the Page Info dialog box that appears, click View. This displays the entity's certificate. If you click the Details tab, you will see the hierarchy of CAs from the one that issued the certificate up to the root CA.

    A Web site that was masquerading as the one you believe you've contacted could not fake a certificate, because no reputable CA, having checked up on them, would sign a certificate for them. And since the list of CAs in your browser includes only genuine, reputable CAs, there will be no match and your browser will reject their certificate.

    However, even for the most respectable organizations, you will sometimes find warning messages on the General tab saying that in some respects the certificate is faulty. This is because some detail on the certificate is incorrect - for example, the expiry date may have passed. It is up to you to look at the details on the certificate, and decide whether you trust the Web site despite this flaw.

Previous Topic Next topic Print topic