What is SSL?

SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a server and a client, typically a web server (website) and a browser, or a mail server and a mail client (e.g. Outlook).

SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text, which leaves you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.

More specifically, SSL is a security protocol. Protocols describe how algorithms should be used; in this case, the SSL protocol determines variables of the encryption for both the link and the data being transmitted.

SSL secures millions of people's data on the Internet every day, especially during online transactions or when transmitting confidential information. Internet users have come to associate their online security with the lock icon that comes with an SSL-secured website or the green address bar that comes with an extended validation SSL-secured website. SSL-secured websites also begin with https rather than http.

SSL Certificate

All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server need an SSL certificate to be able to establish a secure connection.

What is an SSL Certificate?

SSL Certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains a subject, which is the identity of the certificate owner.

How to get an SSL Certificate

To get an SSL certificate, you must create a Certificate Signing Request (CSR) on your server. This process creates a private key and public key on your server. The CSR data file that you send to the SSL Certificate issuer (usually called a Certificate Authority or CA) contains the public key. The CA uses the CSR data file to create a data structure to match your private key without compromising the key itself. The CA never sees the private key.

Once you receive the SSL certificate, you install it on your server. You also install an intermediate certificate that establishes the credibility of your SSL Certificate by tying it to your CA's root certificate.

  • Install SSL on Nginx for Ubuntu
  • Install SSL on Apache for Ubuntu
  • Install SSL on IIS
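
The CSR step described above, as an added example that is not part of the original page: it uses the OpenSSL command-line tool to create the key pair and CSR, then checks that the CSR carries only the public key and was signed with the matching private key. The name example.com, the file names and the helper function names are placeholders.

```shell
#!/bin/sh
# Added example. example.com, the file names and the function names are placeholders.

# Create a 2048-bit RSA key pair and a CSR for common name $2 in directory $1.
# Runs in a subshell so the umask change does not leak into the caller.
make_csr() (
    umask 077   # the private key file is created readable by its owner only
    openssl req -new -newkey rsa:2048 -nodes \
        -keyout "$1/server.key" -out "$1/server.csr" \
        -subj "/CN=$2" 2>/dev/null
)

# True when the CSR ($1) carries the public half of the private key ($2).
csr_matches_key() {
    csr_pub=$(openssl req -in "$1" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null)
    [ -n "$csr_pub" ] && [ "$csr_pub" = "$key_pub" ]
}

# True when the CSR's self-signature verifies, which shows the requester
# holds the private key without ever revealing it.
csr_signature_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'
}

# True when the file that goes to the CA contains no private key block.
csr_has_no_private_key() {
    ! grep -q 'PRIVATE KEY' "$1"
}

# Demo run in a throwaway directory.
work=$(mktemp -d)
make_csr "$work" example.com
csr_matches_key "$work/server.csr" "$work/server.key" &&
    echo "CSR public key matches server.key"
csr_signature_ok "$work/server.csr" &&
    echo "CSR self-signature verifies"
csr_has_no_private_key "$work/server.csr" &&
    echo "CSR holds no private key; only server.csr is sent to the CA"
rm -rf "$work"
```

Only `server.csr` leaves the server; `server.key` stays where it was generated.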

The most important part of an SSL certificate is that it is digitally signed by a trusted CA. Anyone can create a certificate, but browsers only trust certificates that come from an organization on their list of trusted CAs. Browsers come with a pre-installed list of trusted CAs, known as the Trusted Root CA store. In order to be added to the Trusted Root CA store and thus become a Certificate Authority, a company must comply with and be audited against security and authentication standards established by the browsers.

An SSL certificate issued by a CA to an organization and its domain/website verifies that a trusted third party has authenticated that organization's identity. Since the browser trusts the CA, the browser now trusts that organization's identity too. The browser lets the user know that the website is secure, and the user can feel safe browsing the site and even entering their confidential information.

To learn how an SSL certificate creates a secure connection, please read this:

Why do we need SSL?

  • One of the most important components of online business is creating a trusted environment where potential customers feel confident in making purchases. Browsers give visual cues, such as a lock icon or a green bar, to help visitors to know when their connection is secured.
  • If your site collects credit card information you are required by the Payment Card Industry (PCI) to have an SSL Certificate. If your site has a login section or sends/receives other private information (street address, phone number, health records, etc.), you should use an SSL Certificate to protect the data.
  • Your customers want to know that you value their security and are serious about protecting their information. More and more customers are becoming savvy online shoppers and reward the brands that they trust with increased business.
