Most of the time, the reason you’ll go through the clunky process of inspecting a digital certificate is an error reading an email or Firefox’s “secure connection failed” warning. There are other good reasons to check out a certificate from time to time, and the basics are easy to read. Doing so provides valuable information, and you shouldn’t be afraid of or baffled by the lock icon.

The two most common encounters with certificates you’ll have are through web browsers and digitally signed or encrypted emails. Below is a short example of how to read browser certificates.

Browser Certificates

You might want to verify a certificate to ensure that you are indeed looking at the site you intended, since you’ve learned a thing or two from Anti-Phishing Phil. You may also want to see what specific encryption is used by a custom website that your organization uses or plans to use, and whether it meets your internal or legal requirements.

1. Click on the hard-to-see lock icon at the bottom right of your browser.

2. [Image: certificate information]

This window gives you some basic information about the certificate. You’ll see that it was issued to Paypal.com by VeriSign (automatically trusted by Internet Explorer and Firefox), and you’ll see how long the certificate is valid.

3. For a bit more information, in Internet Explorer click the Details tab. Here you’ll find much more information about a given certificate, including which signature algorithm was used to sign it. This is useful if your organization is testing a Web application and wants to make sure that it meets your internal cryptographic requirements.

[Image: Internet Explorer certificate Details tab]

You’ll also be able to tell if a website is using the MD5 hashing algorithm, which is seriously broken this time.