What Are SSL Certificates?
What Are SSL Certificates?
(SSL, information security)
No doubt you’ve heard about and even come across a SSL security certificate before, but do you know what one actually is, or what it actually does? It’s surprising that very few people have much knowledge of what SSL certificates are, outside of the fact they provide information security for online transactions.
SLL stands for “Secure Socket Layer Protocol Certificate”, and these are designed to provide a high level of information security for transactions that carry sensitive data between servers and web browsers. Originally conceived by Netscape, SSL certificates are a third party that is used to secure information and ascertain that both parties in a transaction are who they say they are. SSL certificates are trusted in much the same way as a passport or driving license issued from the relevant government body is taken for granted.
To better understand how SSL certificates work, we can imagine somebody sending a letter through the regular mail service (the old fashioned way). Because a normal letter in an envelope has no security whatsoever, it would be possible for anyone to take that letter and open it if they thought it contained something valuable. The same thing applies to emails and other unsecured online communications. When you use an SSL certificate however, it’s like sending your letter by courier, together with a squad of crack commandos guarding it. There’s a lot less chance that anyone is going to take your letter!
SSL certificates provide an extremely high level of information security for data exchanged over the internet, and are the most trusted form of online security.
How an SSL certificate works:
Here’s how an SSL certificate works in the real world, beginning when you click that “pay now” button:
- The browser requests a secure page, usually beginning with “https://”.
- The server sends a public key together with its SSL certificate.
- The browser will now verify that the SSL certificate is valid, comes from a trusted source and is connected to the website you are trying to contact.
- Once verified, the browser uses the public key to generate a random symmetric encryption key.
- The symmetric key is then sent to the server, together with the required URL and any other encrypted http data.
- The server will then decrypt the symmetric key with its private key. Using the data from the decrypted symmetric key, it then decrypts the URL and any http data.
- The http data and html document requested is then sent to the browser, again encrypted with the symmetric key
- The browser decrypts the html and http data with the symmetric key, and finally the information can be displayed on screen.
Because of the way online business has mushroomed in recent years, SSL certificate protection is no longer simply a luxury – it is a vital information security tool for any business wishing to conduct transactions online.
The Last 30 Posts
- Mac users wake-up to Java Malware attack - April 13, 2012 - 0 comments
- Zappos customer information hacked - January 21, 2012 - 0 comments
- FACEBOOK NOW REQUIRES AN SSL - October 1, 2011 - 0 comments
- Myspace sold for $35 million - June 29, 2011 - 0 comments
- Google takes on Facebook with Google+ - June 29, 2011 - 0 comments
- Google Gmail account passwords hacked from China Hackers - June 1, 2011 - 0 comments
- Sony Playstation Network Hacked Security Breach - April 28, 2011 - 0 comments
- iPad- Still too good to beat? Consumer Reports doesn’t think so - April 5, 2011 - 0 comments
- Epsilon Security- Best Buy, Marriot, and Target email lists compromised - April 5, 2011 - 0 comments
- istyles.com case study - March 31, 2011 - 0 comments
- Comodo Criticized over SSL hack - March 30, 2011 - 0 comments
- Using an SSL to make your way through to a site under a DoS attack - March 29, 2011 - 0 comments
- Going Green Online – Increasing Sales - March 26, 2011 - 0 comments
- Tor: Bringing Online Security to The Next Level and Leaving Big Brother in a Conundrum - March 23, 2011 - 0 comments
- Scammers Take Over During Disasters - March 20, 2011 - 0 comments
- View your favorite sites at work - March 17, 2011 - 0 comments
- Web 2.0 Expo – Is it worth it? - March 17, 2011 - 0 comments
- Smart Phones, who do they really help? - March 16, 2011 - 0 comments
- South by Southwest Technology Summit - March 15, 2011 - 0 comments
- What’s the Point in using an SSL Security Certificate? - March 14, 2011 - 4 comments
- Cyber Security certificates? - March 14, 2011 - 0 comments
- Https for Facebook - March 10, 2011 - 0 comments
- iPad Disassembly by TechRestore - March 10, 2011 - 4 comments
- Google SSL Encrypted or Not? - October 28, 2010 - 0 comments
- SSL Explained - October 25, 2010 - 0 comments
- apple (3)
- Facebook (4)
- Gadgets (2)
- Google (3)
- hackers (6)
- media (1)
- Mobile (1)
- Myspace (1)
- product review (1)
- security (17)
- Social media (1)
- Social Media Security (2)
- ssl (6)
- tradeshows (1)
- zappos (1)