If you have a question that is not answered here then please contact Oriensoft XpressHost Support Staff at  support@oriensoft.com  OR Call Toll Free 1-800-209-7799

 How are Web server certificates trusted by the browsers?

Web server certificates are automatically and transparently trusted by browsers. This trust is established because Certification Authority CA is linked to one of the existing Root CAs in the browsers. The Root CA linked to CA. Oriensoft is proud to be working in partnership with Entrust / Verisign to provide Web server certificates that are automatically trusted by browsers.

 How strong are Web Server certificates?

You determine the strength of the public key in the certificate when you generate the key pair for your Web server. If you generate a 1024-bit key pair and submit the associated CSR, then the certificate you receive contains the 1024-bit public key. If you generate a 512-bit key pair then the certificate contains the 512-bit public key. Certificates are signed with a 1024-bit RSA key (the CA private signing key).

 How do I get 128 bit / full strength sessions?

The strength of the SSL session between a browser and server depends on the strength of the session key that is generated during session negotiation. This is a symmetric key used to encrypt and decrypt data exchanged by the browser and server.

Browsers and servers usually negotiate the strongest mutually supported session. This means that if the user's browser and your Web server both support 128-bit SSL sessions, a 128-bit session is established. If the user's browser only supports 40-bit SSL sessions, then a 40-bit session is established even if your Web server supports 128-bit sessions.

In general, browsers that have been exported from the United States only support 40-bit SSL sessions. These "international" versions are also relatively common within the United States. Browsers that are exclusively distributed within the United States or manufactured by companies outside of the United States support 128-bit SSL sessions.

 What browsers will my server certificate work with?

The certificates we issue work with all major browsers. For a full list take a look at our compatibility page.

 How do Web server certificates work for different versions of browsers?

Thawte's Root CA expires in the year 2020 in all Netscape version 4.0 (and later) browsers. Users of those browsers will experience no difficulties connecting to Web servers protected with SSL Certificates sold thru us.

In July 1998, Thawte's Root CA expired in Netscape 3.x browsers. This means that Netscape 3.x users connecting to CA Web servers need to download a new CA certificate (or upgrade to a later version of the browser). It is reasonable to believe that many Netscape 3.x users have already downloaded a new Thawte CA certificate into their browsers. Why? Independent studies show that Thawte currently has between 20% to 30% of the Web server certificate market. Given that, many Netscape 3.x users who are active on the Web will have already encountered Thawte's CA expiration and solved the problem.

Even though Thawte's CA certificate expires in July 1998 in IE 3.01, 3.02, and 3.03, those browser versions also do not present warning messages when connecting to a Web server whose certificate is signed by an expired Root CA. IE 3.0 did not include Thawte's Root CA; therefore, users of IE 3.0 will need to download Thawte's Root CA before connecting to Web servers protected with Web server certificates.

Thawte's Root CA in IE 4.x and 5.x expires in the year 2020

 Is my certificate tied to my IP address?

No, certificates do not contain any information about IP addresses. However, the domain name listed in the certificate must match the domain name of the server on which the certificate is installed. The domain name can be mapped to any IP address.

 I am using several Web servers in a load balancing configuration. How many SSL Certificates do I need?

You will need one SSL Certificate for each of your secure Web servers (including any virtual Web servers).

 How much does a server certificate cost?

The cost of a server certificate depends on its validity period. See our pricing page for the latest details. We offer discounts to volume buyers and customers!

 How long does it take to get a certificate?

Companies that have been in existence for more than a year under their current name and address will usually receive a certificate within 3-7 business days. However, newer companies may have to wait longer.

How do I renew my server certificate?

Some other public CAs will simply repackage your old public key in a new certificate and call it a "renewal". Because cryptographic keys can be compromised by a sustained computational attack over many years, Entrust asks that you generate a new key pair and CSR and request a fresh certificate. By renewing your public key along with the certificate you ensure maximum security for your transactions. See <pricing page> for discount pricing.

 What is the renewal fee?

The renewal fee depends on the type of certificate you are requesting. See our pricing page for the latest details.

 How do I correct my server certificate after it is issued to me?

Unfortunately we cannot correct certificates once they have been issued. If we make a processing error we will issue a new certificate based on your submitted information at no cost. Otherwise you must buy a new certificate.

 How do I check the status of my certificate request?

You can check the status of your order online. Simply enter the order number generated when you requested your certificate to see the online status page.

 How will I know if my enrollment was successful?

You will receive an email when your order has been processed. This email includes a link to your request status page and links to each of the certificates that have been issued. If any of your certificate requests have not been approved the status page explains why

 What do I do if any of the contact information changes?

If your contact information changes please fax the updated information to Oriensoft XpressHost at +91-22-67111555 OR Toll Free 1-800-209-7799. Remember to include the Fax ID that was generated during the enrollment process on your correspondence.