An SSL certificate is a digital certificate that authenticates the identity of a website and enables an encrypted connection. SSL stands for Secure Sockets Layer, a security protocol that creates an encrypted connection between a web server and a web browser.
Businesses and organizations need to add SSL certificates to their websites to secure online transactions and keep customer information private and secure.
In short, SSL protects Internet connections and prevents criminals from reading or changing information transmitted between two systems. If you see a lock icon next to the URL in the address bar, it means SSL is protecting the website you’re visiting.
Since its inception some 25 years ago, there have been various versions of the SSL protocol, all of which have had security issues at some point. A revised and renamed version followed: TLS (Transport Layer Security), which is still in use today. However, the initials SSL stuck around, so the new version of the protocol is usually still known by the old name.
Get in touch with us _
What is an SSL certificate?
An SSL certificate is a code on your web server that provides secure online communications. When a web browser communicates with your secure website, the SSL certificate enables an encrypted connection. It’s like putting a letter in an envelope before mailing it.
SSL certificates also inspire trust because each SSL certificate contains credentials. When you order an SSL certificate, a third party (such as Thawte) validates your organization information and uses that information to issue you a unique certificate. This is called the authentication process.
How do SSL certificates work?
SSL works by ensuring that all data transmitted between users and websites or between two systems remains unreadable. It uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This data includes potentially sensitive information such as names, addresses, credit card numbers, or other financial information.
The process works as follows:
- A browser or server tries to connect to a website (ie a web server) protected by SSL.
- The browser or server asks the web server to identify itself.
- The web server sends the browser or server a copy of its SSL certificate in response.
- The browser or server checks whether it trusts the SSL certificate. If so, it reports it to the web server.
- The web server then returns a digitally signed confirmation to start an SSL encrypted session.
- The encrypted data is shared between the browser or server and the web server.