Discover what SSL is and why you need it.
SSL certificates keep online interations private even though they travel across the public internet. They help customer gain the confidence to transact with your website. Doing business online without SSL is equivalent to leaving customer credit card information on the counter or offering a dressing room without a door.
What is an SSL Certificate?
An SSL certificate (or cert for short) is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL cert enables an ecrypted connection. It is similar to sealing a letter in an envelope before sending it through the mail.
SSL certificates also inspire trust because each SSL cert contains identification information. When you request an SSL Cert, a thrid part (such as Thawte) verifies your organization's information and issues a unique certificate to you with that information. This is known as the authentication process.
How SSL Works:
When an internet user visits a secure web site, an SSL certification provides identification information about the web server and establishes an encrypted connection. This process happens in a fraction of a second.
What happens between the web browser and server:
- A browser attempts to connect to a website secured with SSL. The browser requests that the web server identify itself.
- The server sends the browser a copy of its SSL cert.
- The browser checks whether it trusts the SSL cert. If so, it sends a message to the server.
- The server sends back a digitally signed acknowledement to start an SSL encrypted session.
- Encrypted data is shared between the browser and the server.
There are 3 essential elements at work in the process described above: a protocol for communications (SSL), credentials for estrablishing identity (the SSL certification), and a third party that vouches for the credentials (the certificate authority).
- Computers use protocols to allow different systems to work together. Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to enable enccrypted communications. The browsers request that the server identify itself is a function of the SSL protocol.
- Credentials for establishing identity are common to our everyday lives: a driver's license, a passport, a company badge. An SSL Certificate is a type of digital certificate that serves as a credential in the online world. Each SSL Cert uniquely identifies a specific domain (such as thawte.com) and a web server.
- Our trust of a credential depends on our confidence in the organization that issued it. Certificate authorities have a variety of methods to verify information provided by individuals or organizations. Established certificate authorities, such as Thawte, are well known and trusted by browser vendors. Browsers extend that trust to digital certificates that are verified by the certificate authority.