1&1 SSL brings success and security to your website
FAQ - Frequently Asked Questions
Why should I use an SSL checker to see whether my website has an integrated SSL certificate?
Using the SSL checker is particularly useful if you run a website that requires the exchange of sensitive data with your clients. This kind of data exchange should always be secured by an SSL certificate, as third parties might otherwise be able to gain access to the information. If you run an online shop where the checkout process necessitates the entering of a delivery address and payment details by the customer, or you host a contact form on your website where interested parties can enter their name and e-mail address, an SSL certificate is vital.
If you have not installed SSL you can use the SSL checker to detect the configuration of your server and find out which type of SSL certificate it supports. You can also use the SSL certificate checker to determine whether your SSL certificate is installed correctly and make sure there are no potential security gaps, which could endanger the data exchange. Over the last few years serious security leaks have been discovered repeatedly, particularly with older SSL certificates. Use the SSL tester from 1&1 to avoid potential gaps in your SSL certificate.
How does the SSL test show me whether my website is SSL encrypted?
With 1&1 it is easy to test your SSL certificate: enter the URL of your website or server into the SSL checker and click "check". You will receive the result within a matter of seconds. If your website is not SSL encrypted, this message will pop up on your screen: No SSL Connection.
This notification means that the connection to your website is not protected by an SSL certificate, either because you haven't installed one, or it is expired or faulty. If this is the case you should review the installation of your SSL certificate and potentially renew it. If the SSL test is successful, it shows you which certificate you are using, whether it is installed correctly, and if there are any safety gaps.
How does the SSL check show me that my SSL certificate is valid?
The SSL check doubles as an SSL validator. If your certificate is installed correctly, once you have entered your URL you will receive the following message:Certificate is installed correctly.
This means both that your SSL certificate is installed correctly and that it is valid. For more detailed information on the checked certificate go to "certificate information". "Certificate status" also shows you whether or not your certificate is valid.
Even if your certificate is working and valid you are not automatically protected against all known threats. If your certificate is valid but does not offer you complete protection, our SSL checker will automatically tell you. The test looks for any security gaps and informs you of threats you still need to protect yourself against, which usually requires buying an updated SSL certificate.
Can the SSL checker detect if I am affected by Heartbleed, BEAST or similar security gaps?
Yes, the SSL certificate checker automatically detects these threats. The result shows you whether you possess a valid SSL certificate and whether it is operating correctly. However, a properly installed and working SSL certificate still does not guarantee complete protection against all threats. The SSL test shows you which security gaps exist through notifications like the following example: Warnings. BEAST. The BEAST attack is not mitigated on this server. This notification means that an attack by BEAST was not disarmed by the server.
The SSL checker examines the SSL certificate of the URL for any security gaps, which occur predominantly in older versions of SSL certificates and are points of weakness for cyber-crime methods like POODLE, FREAK, BEAST, CRIME and Heartbleed. If the SSL certificate does not pass the Heartbleed test or one of the other security checks, the SSL check will let you know and even give you advice on how to solve the problem.
I am experiencing some problems with the installation of my SSL certificate. What can I do?
If you can't install your SSL certificate, review the configuration of your server, which the SSL test will display to you regardless of whether or not you have installed an SSL certificate. Not every configuration is compatible with every SSL certificate. If you are unsure which one you need, you can simply enter the URL of your website into the check SSL certificate function before buying a certificate. The result of the SSL check shows you which SSL version is supported by your server in the "server configuration" section. If you still experience problems with the installation, turn to your certificate provider or the admin of your server.
Can the SSL check help me with problems with my SSL certificate?
Once you have installed your SSL certificate, you can use the SSL test to make sure it is working properly, installed correctly and valid. If this is not the case you will receive the notification "certificate is not installed correctly". Additionally you will receive a detailed analysis of your server configuration so you are aware of any problems or incompatibility and whether or not you need to modify your server configuration or use a different SSL certificate.
Which errors does the SSL check detect?
You can use the SSL checker as SSL verification and to detect and eliminate any faults; it detects faulty installation, incompatibility with server configurations and informs you of any security gaps in the certificate you are using. The SSL check detects problems in the following areas: Installation of the SSL certificate (first section): - No installation / faulty installation / wrong certificate - Security gaps in the installed certificate
Certificate information: - Type, name, and validity of certificate (time period and status) - Domain/Organization, serial number and other information
Certificate chain: - Which SSL certificates are involved in the exchange of data (dispatcher – recipient)? - Are they trustworthy, functional, and orderly?
Server configuration: - Which SSL certificates are compatible with your server configuration? - Which security gaps can be detected in your current certificate? - Which algorithms (cipher suites) are used for key exchange, encryption, and authentication?
What is a certificate chain?
The SSL encryption protocol encrypts the exchange of data using a number of keys, which are authenticated through various digital certificates. The following process is the foundation for this and is completed within a matter of seconds:
- The dispatcher retrieves the public key of the recipient. - A digital certificate proves the authenticity, scope of application and jurisdiction of the public recipient key. - A digital signature verifies the certificate of the public recipient key. - This signature can in turn be verified by the public key of the certificate issuer. - The issuer key has to prove its validity with a certificate.
This process forms an SSL certificate chain that ensures that both dispatcher and recipient can rely on the authenticity of the certified key. This also means that unauthorized third parties cannot read the encrypted data.
The SSL certificate chain can be found in the "certificate chain" section of the SSL test. Provided the SSL certificate of the tested website is functioning properly, the result of the test will show a multilevel chain with green checks next to the certificate symbols.
What do the cipher suites depicted in the SSL check mean?
The last section of the SSL check shows a list of the cipher suites supported by your server configuration. Each row represents one cipher suite. A cipher suite is a combination of standard encryption algorithms that are used to protect the exchange of data. For the SSL protocol (and its successor TLS) a specific algorithm in the cipher suite is defined for each task: key exchange / authentication, hash function (a sort of fingerprint of the data that is to be exchanged) and encryption.
Example of a cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035). TLS describes the encryption protocol and the key exchange occurs via the standard RSA algorithm. AES (Advanced Encryption Standard) with 256 Bit in the CBC mode (Cipher Block Chain) is used for the encryption, while the hash function works with SHA. The bracket indicates the byte sequence.