SSL Certificates
What is an SSL Certificate? (Secure Sockets Layer)
SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
SSL Certificates bind together:
- A domain name, server name or hostname.
- An organizational identity (i.e. company name) and location
An organization needs to install the SSL Certificate onto its web server to initiate a secure session with browsers. Once a secure connection is established, all web traffic between the web server and the web browser will be secure.
When a certificate is successfully installed on your server, the application protocol (also known as HTTP) will change to HTTPs, where the ‘S’ stands for ‘secure’. Depending on the type of certificate you purchase and what browser you are surfing the internet on, a browser will show a padlock or green bar in the browser when you visit a website that has an SSL Certificate installed.
How Does an SSL Certificate Work?
SSL Certificates use something called Public Key Cryptography.
This particular kind of cryptography harnesses the power of two keys which are long strings of randomly generated numbers. One is called a private key and one is called a public key. A public key is known to your server and available in the public domain. It can be used to encrypt any message. If John is sending a message to Bob she will lock it with Doe’s public key but the only way it can be Decrypted is to unlock it with Doe’s private key. Doe is the only one who has his private key so Doe is the only one who can use this to unlock Alice’s message. If a hacker intercepts the message before Doe unlocks it, all they will get is a cryptographic code that they cannot break, even with the power of a computer. If we look at this in terms of a website, the communication is happening between a website and a server. Your website and server are John and Doe.
Why Do I Need An SSL Certificate?
SSL Certificates protect your sensitive information such as credit card information, usernames, passwords etc. It also:
- Keeps data secure between servers
- Increases your Google Rankings
- Builds/Enhances customer trust
- Improves conversion rates
How Do I Know a Website is Secure with SSL?
Technically, SSL is a transparent protocol which requires little interaction from the end user when establishing a secure session. In the case of a browser, you can tell if a site is using SSL when a padlock is displayed or the address bar shows the URL as HTTPS instead of HTTP.
Here is an example of a website secured with SSL in Chrome 56 versus a website that is insecure.
Why Do I Need SSL?
With so much of our day to day transactions and communications happening online, there is very little reason for not using SSL. SSL supports the following information security principles:
- Encryption: protect data transmissions (e.g. browser to server, server to server, application to server, etc.)
- Authentication: ensure the server you’re connected to is actually the correct server.
- Data integrity: ensure that the data that is requested or submitted is what is actually delivered.
SSL can be used to secure:
- Online credit card transactions or other online payments.
- Intranet-based traffic, such as internal networks, file sharing, extranets and database connections.
- Webmail servers like Outlook Web Access, Exchange and Office Communications Server.
- The connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.
- The transfer of files over HTTPS and FTP(s) services, such as website owners updating new pages to their websites or transferring large files.
- System logins to applications and control panels like Parallels, cPanel and others.
- Workflow and virtualization applications like Citrix Delivery Platforms or cloud-based computing platforms.
- Hosting control panel logins and activity like Parallels, Cpanel and others.