SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and the browser remains encrypted, private and intact.
An SSL certificate is necessary to create an SSL connection. When you choose to activate SSL on your web server, you need to provide details about the identity of your website and your company. Following this, two cryptographic keys are created: a Private Key and a Public Key.
The next step is the submission of the CSR (Certificate Signing Request), which is a data file that contains your details as well as your Public Key. The CA (Certification Authority) then validates your details. Following successful authentication of all details, you are issued an SSL certificate. The newly issued SSL certificate is matched to your Private Key. From this point onwards, your web server can establish an encrypted link between your website and the customer’s web browser.
To the user, the presence of the SSL protocol and an encrypted session is indicated by the lock icon in the address bar. A click on the lock icon shows the user/customer details about your SSL certificate. Remember that SSL Certificates are issued to companies or legally accountable individuals only after proper authentication.
What is an SSL/TLS Certificate?
SSL or TLS (Transport Layer Security) certificates are data files that bind a cryptographic key to the details of an organization. When an SSL/TLS certificate is installed on a web server, it enables a secure connection between the web server and the browser that connects to it. The website’s URL is prefixed with “https” instead of “http” and a padlock is shown on the address bar. If the website uses an extended validation (EV) certificate, then the browser may also show a green address bar.
What is SSL used for?
The SSL protocol is used by millions of online businesses to protect their customers, ensuring their online transactions remain confidential. A web page should use encryption when it expects users to submit confidential data, including personal information, passwords, or credit card details. All web browsers have the ability to interact with secured sites so long as the site’s certificate is issued by a trusted CA.
Why do I need an SSL certificate?
The internet has spawned new global business opportunities for enterprises conducting online commerce. However, that growth has also attracted fraudsters and cyber criminals who are ready to exploit any opportunity to steal consumer bank account numbers and card details. Any moderately skilled hacker can easily intercept and read the traffic unless the connection between a client (e.g. internet browser) and a web server is encrypted.
How Does SSL Work?
The following graphic explains how an SSL Certificate works on a website. The process of how an ‘SSL handshake’ takes place is explained below:
- An end-user asks their browser to make a secure connection to a website (e.g. https://www.example.com)
- The browser obtains the IP address of the site from a DNS server, then requests a secure connection to the website.
- To initiate this secure connection, the browser requests that the server identify itself by sending a copy of its SSL certificate to the browser.
- The browser checks the certificate to ensure:
  - That it is signed by a trusted CA
  - That it is valid: it has not expired or been revoked
  - That it conforms to required security standards on key lengths and other items.
  - That the domain listed on the certificate matches the domain that was requested by the user.
- When the browser confirms that the website can be trusted, it creates a symmetric session key which it encrypts with the public key in the website’s certificate. The session key is then sent to the web server.
- The web server uses its private key to decrypt the symmetric session key.
- The server sends back an acknowledgement that is encrypted with the session key.
- From now on, all data transmitted between the server and the browser is encrypted and secure.
How do I implement SSL on my website?
Step 1. Acquire SSL certificate
Step 2. Activate and install your SSL certificate
Step 3. Update Website from HTTP to HTTPS
Who issues SSL Certificates?
A certificate authority or certification authority (CA) issues SSL certificates. On receiving an application, the CA verifies two factors: it confirms the legal identity of the enterprise/company seeking the certificate and whether the applicant controls the domain mentioned in the certificate. The issued SSL certificates are chained to a ‘trusted root’ certificate owned by the CA. Most popular internet browsers such as Firefox, Chrome, Internet Explorer, Microsoft Edge, and others have these root certificates embedded in their ‘certificate store’. Only if a website certificate chains to a root in its certificate store will the browser allow a trusted and secure https connection. If a website certificate does not chain to a root, then the browser will display a warning that the connection is not trusted.