A secured website can be identified from the lock symbol on the browser bar. Different browsers have different ways to show this to users. One should be really aware of the benefits of using an SSL certificate for a website.
The cases when users do not pay attention to the lock sign in the browser can lead to unforeseen circumstances. Entering any data to a website not secured with an SSL certificate can lead users to phishing or MITM attacks. At the same time website owner should also pay close attention to the risk of not securing a website.
Also, read how to protect yourself from a MITM attack
There are many cases where reputed websites forgot to renew their SSL certificate which causes man-in-the-middle attacks. Recently, Microsoft team confirmed, it went down for a few hours because of an expired SSL Certificate, during that period people were trying to log in without knowing that it wasn’t secure.
Keeping this mind, I would like to showcase what users should check in order to make sure they are visiting a secure website. CAB forum has made this mandatory to show certificate information to the website users. An SSL certificate deployed successfully shows some relevant information about the URL & the company.
This information can be found in your browser. The importance of this information may vary from person to person. But it is best practice to check certificate information before entering any data to a website.
Below are the steps to check SSL Certificate information on different browsers. However, few sections may change depending on the browser version. I have mentioned the browser version with the steps.
1) Click on the padlock in the URL Bar. Then a dropdown will appear, click on the valid under the Certificate section.
2) Certificate window will appear where there are three tabs- General, Details and Certificate Path. General tab contains information about validity, domain name and Certificate Authority issued name. Details Tab contains all information about SSL like SSL type, key size, hashing info, domain’s for which certificate is issued, etc. Lastly, the Certificate Path tab shows a path of the certificate such as root, intermediate and certificate.
1) Click on the padlock icon, a pop-up will display and then click on details.
2) On a click of details, a window will appear which would contain the name of the Certificate Authority, cipher, protocol and algorithm details.
3) Now, click on the Certificate information. Here you would find the entire detail of the certificate like common name, organization name, validity period, domain name, expire date, etc.
1) Click on the padlock, which is the top right-hand side, on a click drop-down will appear contains some detail of certificate.
2) Now click on the view certificate link, a new window will appear showing all the detail within the three tabs – General, Details and Certificate path.
1) Click on the padlock icon on the URL Bar and now click on the right arrow where you will find certificate detail. Then click on the more information in the dropdown window.
2) After that, a Page Info window will open where you will find more information about the website identity, cipher, keys, etc. Then click on view certificate to get more details on certificate information.
3) Now, a Certificate Viewer window will appear. Here you can see detailed information on SSL Certificate.
1) Click on the padlock icon in the URL bar, a dropdown window will appear stating website identification details.
2) Now click on the view certificate under the website identification section.
3) On the click of the view certificate, a window from the right side will appear with detailed certificate information.
As Google and other browser have made strict norms and regulations for security, the hacker is becoming smarter day by day. So, it’s best practice to check the security of any website you visit before entering any information. Hence checking the Website’s SSL Certificate information may help the user from any kind of scams, hacks, and attacks.
Also, it is advised for the website owner to never compromise on website security. Always secure a website with SSL Certificate and if you have a certificate then renew the certificate without fail.