A quick guide to SSL/TLS certificates

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.Not only does it make you feel safer but it also protects people who visit your home, place of business, or website. It is important to understand the potential risks and then make sure you are fully protected against them. In the fast-paced world of technology, it is not always easy to stay abreast of the latest advancements. For this reason it is wise to partner with a reputable Internet security company.

What Is an SSL Certificate?

An SSL certificate is a digital computer file (or small piece of code) that has two specific functions:

1. Authentication and Verification: The SSL certificate has information about the authenticity of certain details regarding the identity of a person, business or website, which it will display to visitors on your website when they click on the browsers padlock symbol or trust mark (e.g., the Norton Secured Seal). The vetting criteria used by

Certificate Authorities to determine if an SSL certificate should be issued is most stringent with an Extended Validation (EV) SSL certificate; making it the most trusted SSL certificate available.

2. Data Encryption:

The SSL certificate also enables encryption, which means that the

sensitive information exchanged via the website cannot be intercepted and read by anyone other than the intended recipient.

In the same way that an identity document or passport may only be issued by the countrys government

officials, an SSL certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has

to follow very strict rules and policies about who may or may not receive an SSL certificate. When you have a

valid SSL certificate from a trusted CA, there is a higher degree of trust by your customers, clients or partners.

SSL stands for Secure Socket Layer. It is a technology that establishes a secure session link between the visitors

web browser and your website so that all communications transmitted through this link are encrypted and are,

therefore, secure. SSL is also used for transmitting secure email, secure files, and other forms of information.

Would you send your private information or banking details to someone on the back of a postcard? SSL creates a safe and private channel for you to communicate.

In the same way that you lock and unlock doors using a key, encryption makes use of keys to lock and unlock

your information. Unless you have the right key, you will not be able to open the information. Each SSL

session consists of two keys:

 The public key is used to encrypt (scramble) the information.

 The private key is used to decrypt (un-scramble) the information and restore it to its original format

so that it can be read.

The Process:

Every SSL certificate that is issued for a CA-verified entity is issued for a specific server and website domain (website address). When a person uses their browser to navigate to the address of a website with an SSL certificate, an SSL handshake (greeting) occurs between the browser and server. Information is requested from the server  which is then made visible to the person in their browser window. You will notice changes to indicate that a secure session has been initiated  for example, a trust mark will appear. If you click on the trust mark, you will see additional information such as the validity period of the SSL certificate, the domain secured, the type of SSL certificate, and the issuing CA. All of this means that a secure link is established for that session, with a unique session key, and secure communications can begin.

Previous Post:

Next Post:

Add a Comment

Your email address will not be published. Required fields are marked *

error: Content is protected !!