SSL (secure sockets layer) is a cryptographic protocol for sending secure communications over a network. Essentially SSL works by using digital certificates to specify secured parties and then arranging a “key” to ensure the communication exchanged is encrypted. More details on SSL and how it works can be found here.
One of the ways in which we can ensure SSL is working is by noting the presence of https:// in a web URL. When a user connects to a site with an SSL certificate, the site should resolve successfully to its normal URL with https:// replacing the traditional http://. This indicates that the communication is being done via a secure port, thus limiting the risk of sharing site content, unencrypted, between parties. This security minimizes the ability of phishers and others to execute impersonation attacks on websites.
SSL at NC State
As of 2014, OIT began rolling out SSL certificates for all campus-hosted sites. The decision to apply SSL and to encourage the shift to SSL across all university sites was made for several reasons.
- Improved security and reliability for campus sites
- In anticipation of the move to Shibboleth for authentication on all NC State sites
- Improved search engine ranking by Google and other search engines for secured sites
Testing Your SSL Connection
Just because your site resolves to https:// does not mean it does so successfully. Any number of links or site resources used in the building of your website may not be hosted securely, thus causing your SSL connection to be incomplete.
All campus sites have until November 2nd, 2015 to test and update their sites in order to make them resolve successfully to https://. On November 2nd, the default for campus URLs will change from http:// to https://.
Below are several help articles for identifying and correcting links in various types of websites, and for help with WordPress sites and SSL. If you have additional questions or specific issues please send email to the Help Desk (firstname.lastname@example.org) for further assistance.