DreamHost SSL Browser Compatibility


#1

I was wondering about DreamHost’s SSL browser compatibility. Do most browsers recognize it or not?


#2

Browser compatibility with our SSL certificates is pretty much universal. You might be able to find a few obscure old mobile devices that don’t recognize it, but I’ve never heard of any.


#3

I am confused. Isn’t SSL certificate is a standard certificate which is recognized by all browsers?


#4

Yes, SSL is a standard for encryption. However, browsers rely on what are called root certificates to determine whether a given certificate from a website should be trusted. Otherwise, anyone could use a self signed certificate to fraudulently portray a legitimate connection to a trusted institution (for example, a bank).

For PKI, trust is just as important as encryption. This is why website owners must purchase certificates from certificate authorities or CAs. The certificate authority verifies that the website is a legitimate business. The browsers in turn use root certificates to verify that the site owner certificate was indeed signed by the certificate authority. Not all browsers recognize the same certificate authorities. This is why the topic starter had a concern. DreamHost uses Comodo as a certificate authority for the certificates that they sell. According to Comodo, the certificates are recognized by 99% of all browsers. In most cases, a genuine certificate authority is recognized by most, if not all browsers.

That said, self signed certificates are not useless. Many large organizations use self signed root certificates to issue certificates for their intranet sites. These organizations configure their browsers to accept their root certificates. This prevents targeted phishing attacks against internal company systems. For more information, see the Wikipedia article below:

Let me know if you have any other questions. Network security is one of my favorite topics.


#5

Wonderful, thank you!