Website security & SSL tools

Handy tools for checking just about anything about your website

You need to see how your website copes with the huge number of possible issues that come along with SSL certificates and websites in general. These SSL certificate tools will help you greatly when trying to find out “what gives”.

What is in your website

Built ´With.com allows users to search any website and confirm what web server and applications they are running on. The generated report gives detailed information related to the domains Web Server, Email Service, Hosting Provider, and many more. Built with

Mobile Friendly Website Checker

As of April 21st, 2015 all websites having no mobile friendliness, are ranked worce for SEO on Google. Check your website now with this tools from Google. Mobile friendly?

SSL Installation Checker

Qualys SSL Labs has by far the most extensive and detailed SSL Installation Checker in the world. The Qualys summary report grades SSL certificate installation (SHA1 vs SHA2), protocol support (SSLv2,SSLv3, TLS1.1, etc…), key exchange, cipher strength. The SSL report also tells you if your domain is vulnerable to attacks such as Heartbleed or POODLE. Click to find out more. Qualys SSL Test Lab

Collection of SSL & Security tools

SSL Shopper provides a bunch of great and useful SSL certificate tools that help ease the pain with SSL. Here is a list.

  • SSL Checker confirms if your SSL Certificate and corresponding intermediate files were properly installed on your server. If the correct certificate chain is not built, this tool will identify the error or missing certificate and inform you how to fix the issue.
  • CSR Decoder verifies certificate details such as common name, organization details, locality, etc… related with your CSR. Ideally, this tool is used before generating and submitting your order to the CA (certificate authority). If an error occurs within a specific field or the incorrect file is pasted in, the tool will identify the issue and provide visual indicators on what field is incorrect.
  • Certificate Decoder decodes your encoded SSL and displays certificate information such as common name, SANs, validity period, issuer, etc…
  • Certificate Key Matcher checks if a private key or CSR matches with the corresponding SSL Certificate that was issued by a CA.
  • SSL Converter allows users to convert the format of encoded SSL certificates, Private Keys, and Intermediate Files to the desired format. These formats consist of PEM, DER, PKCS#7 (p7b), and PKCS#12 (p12).
SSL Shopper Tools

CSR Decoder

The CSR Decoder from Certlogik is a sophisticated tool that provides users with detailed certificate information such as common name, organization details, locality, etc… and property values related to a valid CSR. Certlogik will even parse your information without returning errors which is extremely helpful when attempting to complete the SSL process. SSL Shopper Tools

Why no padlock even SSL Certificate is installed correctly?

WhyNoPadlock.com is a perfect tool that allows you to check if your website contains insecure items such as images, JavaScript, CSS, etc… Why is this important? Well, sinply because if these items are linked via HTTP and not HTTPS, the browser will display a yellow triangle over the padlock. Why no Padlock?

SSL 101 – Beginners guide to Website Security

What is SSL Security?

SSL is an acronym for Secure Sockets Layer. SSL is a cyber-security protocol that digitally encrypts information sent from a browser to a web-server. SSL certificates help website owners protect sensitive information such as credit card numbers, usernames, passwords, email addresses, and more. All websites that have an installed SSL certificate are identified using a number of trust indicators. The SSL telltales are “https” protocol (not http) and a padlock icon in the browser bar and a site seal from a reputable Certificate Authority (CA). If your SSL certificate is a so called EV certificate, additionally a green bar wraps around the URL in the browser.

What are the different certificates for SSL?

DV certificates for all sites: A Domain Validated (DV) SSL certificate is a fast and easy way to SSL secure your domain. DV is fast to get because the Certificate Authority (CA) issuing the certificate only requires verification that you actually own the domain you want to verify for the certificate. In the other certificates additional verification is required. The DV verification process can be completed as quickly as in mere minutes. However, these certificates offer little in the way of SSL recognition, so they are recommended for websites where visitor trust is not of high importance and information like usernames, passwords, or credit card information is not passed with web forms or such.

The next level is OV certificates. An Organization Validated (OV) SSL certificate means that you must complete a vetting process by the Certificate Authority before issuance. The vetting is a light one, compared to EV certificates. OV certificates are a reasonable solution between DV and EV certificates, as they aren’t as expensive as EV options yet they offer more SSL and trust indications than basic DV certificates do. OV certificates normally take between 2-3 days to be issued. You need to check you public records data so it jives with your website info. Also expect a phone call from the CA.

The highest level is EV certificates. EV stands for Extended Validation and is the most premium type of SSL certificate available. EV certificates are identified on websites mainly by the green address bar, the most universally recognized symbol of trust on the web. EV certificates are becoming more and more commonplace, especially amongst ecommerce sites, as they are used by some of the most trusted sites in the world like Bank of America, Twitter, Paypal, and more. These certificates require that a company complete a thorough vetting process before being issued. You need to check you public records data so it jives with your website info. Also expect a phone call from the CA. Please understand: the only way to get the green address bar on your website is with an Extended Validation (EV) certificate. The main criteria for qualifier for an EV certificate would be that your business is an official company registered with a government authority. Please note though that if you’re a Sole Proprietor or a Partnership registered in the U.K., you do not qualify for an EV SSL certificate.

Read More here: http://www.hongkiat.com/blog/ssl-certs-guide/