|What ports must be opened to use Secure Sockets Layer (SSL), and why?|
|Port 443 is an absolute requirement in order to use Secure Sockets Layer (SSL). This is a standard port required even for in-session CitiDirect Online Banking and any other application employing this standard security.|
If you obtain an Entrust End User certificate through Citigroup, three additional ports should be opened.
When you receive the authorization and reference codes, Port 709 must be open to be able to retrieve your certificate.
Port 389 allows us to manage the certificates by checking them against our directory services.
Port 829 provides for automatic renewal of certificates.
After initially retrieving your certificates, you can choose to close these ports (not 443) and work off-line. It is strongly recommended that you open them, at least monthly, or you forfeit the benefits of renewals and policy updates.