The SSL (Secure Sockets Layer) securiry certificate is a digital protocol developed by the company Netscape Communications in order to authenticate the identity of websites and thus protect the transfer of information between user and server.
In other words, SSL is a security system that allows data to be encrypted in a format that can only be read with the decryption key. And the certificate is something like the passport or electronic signature that proves the user’s identity and credentials when accessing a secure website.
For this purpose, SSL certificates are composed of a public part (which encrypts the data) and a private part (which decrypts the data). And they usually contain the following information:
- Serial number of the certificate
- Expiry date of the certificate
- Name of the client (for whom the certificate is generated)
- Copy of the public key to encrypt the data
- Digital signature of the issuing authority
How does the SSL certificate work?
As we have seen, the SSL certificate is the digital certificate that allows the user to establish a secure connection with the server when transferring or receiving credential information (key especially in online shops).
Although it is usually used with HTTPS, as it is an open protocol it can be used with almost any Internet communication service, such as FTP, SMTP, IMAP or POP3.
But… How exactly does it work? Let’s see:
The SSL protocol uses an information encryption system with a 128-bit key that can only be known by the server to which the connection is established and by the user’s machine connected.
Thus, the transferred data goes through an encryption process that is virtually impossible to decrypt without the key, so that it cannot be traced, read or copied by agents outside the communication process.
This requires, as mentioned above, that the website has an SSL certificate installed. Now then…
Can any website get an SSL certificate?
When a company wishes to encrypt and protect information on its website, it must it must request the certificate from a certificate authority (CA): entities authorised to provide the certificate. For example, Thawte, RapidSSL, GeoTrust or the world’s leading CA, VeriSign.
?? Please note: Some users request the SSL certificate directly from their hosting provider. This is not a problem, as long as you bear in mind that the provider is not a CA, but an authorised intermediary.
Another possibility is to go directly to the website of one of the CAs (for example, one of those mentioned above) and process it directly with them.
In fact, the way it works is very similar to the contracting of web hostings: you pay an initial amount that has a stipulated duration. Once it is finished, the certificate must be renewed with another payment so that it does not lose its validity.
So far so clear. But once purchased…
How to install the SSL certificate?
Once the CA issues a certificate that the user has purchased, the user must go to the website where the purchase has been processed to download the script for the seal. This is a small line of encrypted information that links to a pop-up window created by the CA, where information about the certificate can be found.
At this point, all you have to do is enter the common name under which you purchased the SSL certificate and update the HTML of the websites where you want to add the seal: forms where confidential information is collected, pages where payments are made…
How to identify a seal
There are several indicators that guarantee that you are on a secure website. First, the HTTPS prefix in the URL address, instead of HTTP. Second, a padlock icon is displayed (it can appear in different parts of the browser). Clicking on it displays a window with the public data of the certificate and the CA that issued it.
Most common uses of the SSL protocol
Digital certificates have three main tasks:
- Trust. They endorse the identity of a website in order to establish a relationship of trust and reliability with users.
- SEO. Security certificates are a plus for your relationship with Google.
- Security. They guarantee the protection and confidentiality of data provided on this website, or between servers.
Regarding the last point, any eCommerce, financial or banking institution must have an SSL certificate. And in general, any online portal that handles personal customer information should consider using this protocol: from micro-enterprises to the so-called big business.
If you would like a personalised service to give your digital project the SSL certificate protocol it needs, please contact us.
At Doowebs we are specialists in everything related to web security and, como tal, estaremos encantados de ayudarte. Ask for a non-binding quote!!