Does Rapid SSL certificate provide 128 bit encryption OR 256 bit encryption?

The actual encryption strength on a secure website connection enabled by a digital SSL certificate is determined by the level of encryption supported by the visitor's Browser and the Hosting Server.

Once a connection between the server and browser is established, and a public key encoded in the certificate is sent from the server to the browser, the browser needs to generate a symmetric key for encryption of the data that will be transmitted further. Here, browser and the server both will compare their lists of available encryption algorithms(Cipher Suits) and choose the strongest one they both support for symmetric encryption. Nowadays modern Browsers and Servers usually use three algorithms for this:

  • RC4(128bit)
  • AES(128bit)i
  • AES(256bit)

For IIS webserver, you can force your webserver to use only 256-bit encryption. In case of Unix based servers, available ciphers usually depend on an openssl library.
Hence, if your website is hosted on a server whose webserver supports 256-bit encryption such as Apache 2.X, then site visitors that use a Firefox browser will have their transactions with your site protected by 256-encryption. Thus with the right combination of Web browser and Web server, you can establish a 256-bit encrypted secure connection.

How would Browser know whether to generate a 256 Bit key or 128 Bit?

This depends on the cipher suite negotiation between browser and Server, not on the certificate installed on the server. When the browser initiates the connection with a Client, it sends a list of cipher suites it supports. The server then picks the one it wants and response back.

For any secure website, click on padlock sign, if you see cipher suite AES_128_GCM ECDHE_ECDSA under Connection tab.

SSL Certificate Information About Cipher Suite

That means, both server and browser have negotiated to use cipher suite AES_128_GCM. They will use 128 Bit Encryption with ECDHA_ECDSA key exchange.
Most Certification Authorities tend to put "256 Bits" on their websites because it looks good from a marketing point of view. It's not wrong, but it can be misleading for people who don't understand that it's how your server is set up and what your clients support that matters.
  • 1 Users Found This Useful

Was this answer helpful?

Related Articles

What is the charge for SSL certificate purchase and installation?

We are offering different types of SSL certificates. Please refer following URL for available SSL...

Comparison of Rapid SSL Certificate V/s. WildCard SSL Certificate V/s. Multi Domain SSL Certificate

  Rapid SSL Certificate Wild Card SSL Certificate Multi Domain SSL Certificate...

How do I enable TLS 1.2 on Windows 7?

This article will guide to enable TLS 1.2 on Windows 7.TLS is a replacement of the Secure...

Comparison Between Paid SSL by AccuWeb Hosting and Let's Encrypt Free SSL?

The SSL Certificates are small data files that digitally bind a cryptographic key, so the data...

What should I choose at the time of purchase of SSL? WWW or without WWW?

In this case, you can consider the fact "How you have configured your website". To determine...