Friday, January 23, 2015

What Is a Security Certificate?

When you send information over the Internet (or another computer sends information to you), it travels through multiple computers and other devices before it reaches its destination.  While each device should only pass the data along toward its destination, it is possible for a compromised or rogue device to capture and store everything that passes through it.  Normally, you wouldn't care if a device captured the data:  it is freely available on the Internet anyway.  However, if you just entered your credit card information, you probably don't want that being picked up by a computer anywhere along the way.

Fortunately, we have encryption methods available so that someone who captures the data we send can't read it.  A security certificate is part of the process for securely transmitting data across the Internet.  The certificate proves that you are connecting to a legitimate site.  For example, when you attempt to connect securely to Amazon.com, Amazon presents its certificate to prove that it is the real Amazon site and not a fake site that could be trying to steal your data.

The security certificate process usually occurs in the background without our knowledge.  Certificates are issued to sites by certificate authorities (who in turn issue certificates among themselves to verify their own identities).  When you attempt to securely connect to a site, the site shows you its certificate.  When everything is working fine, you never know what is taking place behind the scenes.

However, if there is a problem with a security certificate, you will see a warning message.  There are many reasons why you might see this message.  The site may have configured its certificate incorrectly.  The certificate could have expired and not been renewed by the website (this might happen to smaller sites, but is highly unlikely for a large company).  Or, someone along the way could be pretending to be the legitimate site.  The site may present a security certificate, but it may not be from a legitimate, recognized certificate authority.  Instead, the certificate may be from a shady "authority" or even issued by the site itself.

Unless you are a webmaster or IT person, you really don't need to understand the details of how security certificates work.  Just remember:  if you see a warning saying that a site's certificate is not trusted, do not go to the site.  If you do choose to proceed, then be very careful about the information you give the site.  There is no order you need to place that can't wait until a site gets its security in order!

One final note:  I have encountered several situations where a certificate warning is issued because the computer's date is set wrong.  The computer reads the certificate's issue and expiration dates and sees a problem because it thinks the certificate is too old or was issued on a date that hasn't happened yet.  If you are getting certificate error messages all the time, check your date and time settings.
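As an added illustration (not part of the original post), here is a small Python model of the checks a browser makes behind the scenes: it follows the site's certificate up through its issuers to an authority the computer already trusts, flags a certificate issued by the site itself or by an unrecognized authority, and compares the validity dates against the computer's clock, so a wrongly set clock produces the "not yet valid" or "expired" warning described above.  The certificates, authority names and dates are constructed for the example.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Cert:
    """Constructed, simplified certificate: only the fields the checks below need."""
    subject: str
    issuer: str        # equals subject when the certificate is self-signed
    not_before: datetime
    not_after: datetime

# Constructed trust store: the authorities this "browser" recognizes out of the box.
TRUSTED_ROOTS = {"Example Root CA"}

def certificate_warnings(chain, trusted_roots, now):
    """Return the warnings a browser would show for this chain (empty list = trusted).
    chain[0] is the site's certificate; later entries are the certificates of the
    authorities that issued the ones before them. `now` is the computer's clock.
    """
    warnings = []
    site = chain[0]
    # Date check is done against the computer's clock, so a wrong clock trips it too.
    if now < site.not_before:
        warnings.append("certificate not yet valid (is your date set wrong?)")
    if now > site.not_after:
        warnings.append("certificate expired")
    # Issuer check: follow the chain of issuers until it reaches a trusted authority.
    by_subject = {c.subject: c for c in chain}
    current, seen = site, set()
    while current.issuer not in trusted_roots:
        seen.add(current.subject)
        if current.issuer == current.subject:
            warnings.append("self-signed certificate (issued by itself)" if current is site
                            else f"chain ends at unrecognized authority '{current.subject}'")
            break
        issuer_cert = by_subject.get(current.issuer)
        if issuer_cert is None or issuer_cert.subject in seen:  # unknown or circular issuer
            warnings.append(f"issuer '{current.issuer}' is not a recognized authority")
            break
        current = issuer_cert
    return warnings

# Constructed sample chain, dated around this post (January 2015).
NOW = datetime(2015, 1, 23)
ROOT = Cert("Example Root CA", "Example Root CA", NOW - timedelta(days=3650), NOW + timedelta(days=3650))
INTERMEDIATE = Cert("Example Intermediate CA", "Example Root CA", NOW - timedelta(days=365), NOW + timedelta(days=1095))
SITE = Cert("shop.example", "Example Intermediate CA", NOW - timedelta(days=30), NOW + timedelta(days=335))
SELF_SIGNED = Cert("shop.example", "shop.example", NOW - timedelta(days=30), NOW + timedelta(days=335))
```

Calling `certificate_warnings([SITE, INTERMEDIATE, ROOT], TRUSTED_ROOTS, NOW)` returns an empty list, while the same chain checked with the clock set to 2009 returns only the "not yet valid" warning.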
