SSL stands for “Secure Socket Layer.” It is a technology that establishes a secure session
link between the visitor’s web browser and your website so that all communications transmitted
through this link are encrypted and are, therefore, secure. SSL is also used for transmitting secure email,
secure files, and other forms of information.
SSL creates a safe and private channel for you to communicate.
What Is an SSL Certificate?
An SSL certificate is a digital computer file (or small piece of code) that has two
specific functions:
1
Authentication and Verification: The SSL certificate has information about
the authenticity of certain details regarding the identity of a person, business or
website, which it will display to visitors on your website when they click on the
browser’s padlock symbol or trust mark (e.g., the Norton™ Secured Seal). The
vetting criteria used by Certificate Authorities to determine if an SSL certificate
should be issued is most stringent with an Extended Validation (EV) SSL
certificate; making it the most trusted SSL certificate available.
2
Data encryption: The SSL certificate also enables encryption, which means that
the sensitive information exchanged via the website cannot be intercepted and
read by anyone other than the intended recipient.
In the same way that a identity document or passport may only be issued by the
country’s government officials, an SSL certificate is most reliable when issued by a
trusted Certificate Authority (CA). The CA has to follow very strict rules and policies
about who may or may not receive an SSL certificate. When you have a valid SSL
certificate from a trusted CA, there is a higher degree of trust by your customers,
clients or partners.
How Does SSL encryption Work?
In the same way that you lock and unlock doors using a key, encryption makes use
of keys to lock and unlock your information. Unless you have the right key, you will
not be able to “open” the information.
Each SSL session consists of two keys:
•
The public key is used to encrypt (scramble) the information.
•
The private key is used to decrypt (un-scramble) the information and restore it
to its original format so that it can be read.
The Process: Every SSL certificate that is issued for a CA-verified entity is issued for a specific server and website domain (website address). When a person uses their browser to navigate to the address of a website with an SSL certificate, an SSL handshake (greeting) occurs between the browser and server. Information is requested from the server – which is then made visible to the person in their browser window. You will notice changes to indicate that a secure session has been initiated – for example, a trust mark will appear.If you click on the trust mark, you will see additional information such as the validity period of the SSL certificate, the domain secured, the type of SSL certificate, and the issuing CA. All of this means
that a secure link is established for that session, with a unique session key, and secure communications can begin.
How Do I Know that a Site Has a Valid SSL Certificate?
1 A standard website without SSL security displays “http:// ” before the website
address in the browser address bar. This moniker stands for “Hypertext
Transfer Protocol,” and is the conventional way to transmit information over
the Internet.
2. However, a website that is secured with a SSL certificate will display “https:// ”
before the address. This stands for “Secure HTTP.”
Where Would I Use an SSL Certificate?
The short answer to this question is that you would use an SSL certificate anywhere
that you wish to transmit information securely.
Here are some examples:
•
Securing communication between your website and your customer’s Internet
browser.
•
Securing internal communications on your corporate intranet.
•
Securing email communications sent to and from your network (or private email
address).
•
Securing information between servers (both internal and external).
•
Securing information sent and received via mobile devices.
Different types of SSL Certificates
There are a number of different SSL certificates on the market today.
•
The first type of SSL certificate is a
self-signed certificate. As the name implies,
this is a certificate that is generated for internal purposes and is not issued by a
CA. Since the website owner generates their own certificate, it does not hold the
same weight as a fully authenticated and verified SSL certificate issued by a CA.
•
A
Domain Validated certificate is considered an entry-level SSL certificate
and can be issued quickly. The only verification check performed is to ensure
that the applicant owns the domain (website address) where they plan to use
the certificate. No additional checks are done to ensure that the owner of the
domain is a valid business entity.
•
A
fully authenticated SSL certificate is the first step to true online security and
confidence building. Taking slightly longer to issue, these certificates are only
granted once the organization passes a number of validation procedures and
checks to confirm the existence of the business, the ownership of the domain,
and the user’s authority to apply for the certificate.
Tips
•
A domain name is often used with a number of different host suffixes. For this
reason, you may employ a Wildcard certificate that allows you to provide full
SSL security to any host of your domain – for example, host.your_domain.com
(where “host” varies but the domain name stays constant).
•
Similar to a
Wildcard certificate, but a little more versatile, the
SAN (Subject
Alternative Name) SSL certificate allows for more than one domain to be added
to a single SSL certificate.
•
Code signing certificates are specifically designed to ensure that the software
you have downloaded was not tampered with while en route. There are many
cybercriminals who tamper with software available on the Internet. They may
attach a virus or other malicious software to an innocent package as it is being
downloaded. These certificates make sure that this doesn’t happen.
•
Extended Validation (EV) SSL certificates offer the highest industry standard
for authentication and provide the best level of customer trust available. When
consumers visit a website secured with an EV SSL certificate, the address bar
turns green (in high-security browsers) and a special field appears with the
name of the legitimate website owner along with the name of the security
provider that issued the EV SSL certificate. It also displays the name of the
certificate holder and issuing CA in the address bar. This visual reassurance has
helped increase consumer confidence in e-commerce.