SSL Certificates ,sometimes called digital Certificates, are small data files that digitally bind a cryptographic key to an organization's details. SSL Certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains a subject , which is the identity of the certificate owner.

When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a web browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites. SSL Certificate bind together:

  • A domain name, server name or hostname.
  • An organizational identity (i.e. company name) and location.

An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. Depending on the type of SSL Certificate applied for, the organization will need to go through differing levels of vetting. Once installed, it is possible to connect to the website over , as this tells the server to establish a secure connection with the browser. Once a secure connection is established, all web traffic between the web server and the web browser will be secure. Browsers tell visitors a website is SSL secure via the following visible trust indicators:

  • The standard HTTP is changed to HTTPS, automatically telling the browser that the connection between the server and browser must be secured using SSL.
  • The address bar turns from white to green, indicating to visitors the website is using SSL.
  • The padlock is activated, showing you that the browser connection to the server is now secure. If there is no padlock or the padlock shows a broken symbol, the page does not use SSL.
  • The website owner's legally incorporated company name is displayed prominently on the address bar.

SSL Certificate

References & Resources

  • N/A