What is the Secure Sockets Layer (SSL)? PART 1

What is the Secure Sockets Layer (SSL)?

Secure Sockets Layer (SSL) for online businesses

To build a relationship, trust is needed and this is much more intense for a situation where the two parties are likely to have and never meet. Trust on the internet is of the utmost importance, especially if that relationship is a transaction; where money is involved. Even deeper than that is the fact that Data is the new gold, so almost everything we do on the net must be safe.
Building that trust relationship is not easy, but there has been increasing pressure on website owners to create an environment that allows users to feel safe. SSL certificates are an important means of doing this because they assure users that the connection they have with that website is secure.
For the end-user, all they need to verify this is a simple icon that appears in their browser. For website owners, it is a bit more complicated, but it doesn't have to be.

What is the Secure Sockets Layer (SSL)?

Why do we need an SSL certificate?

SSL is a security protocol that assures users that the connection between their computer and the site they visit is secure. During a connection, a lot of information passes between two computers, including potentially highly confidential data such as credit card numbers, user identification numbers or even passwords.
Under normal circumstances, this data is sent in plain text, meaning that if the connection were intercepted by a third party, that data could be stolen. SSL prevents this by imposing an encryption algorithm to be used during the connection on both sides. The padlock icon or green padlock icon has become a guaranteed indicator for users that the website they visit takes their security seriously. Listing of SSL on various internet browsers.

Why do we need an SSL certificate?

Originally the frequently asked question to ask was "Do we need an SSL certificate."
And the typical answer would be 'it depends'. After all, why should websites that were not dealing with sensitive financial data be so secure?
Unfortunately, as mentioned earlier, the digital age has led hackers to search more and more for personal information in addition to immediate cash.

How SSL works


Simplistically, there are three main components to making a connection;
The client - This is the computer that requests information.
The server - The computer that contains the information requested by the customer.
The Connection - The path through which data is sent between the client and the server.
How SSL works - the difference between HTTP and HTTPS.
HTTP vs HTTPS connection (source: Secure )
To establish a secure connection with SSL, there are still some conditions that you should pay attention to.
Testament Signing Request (CSR) - This makes two keys on the server, one private and one open. The two keys cooperate to set up a protected association.
Certificate Authority (CA) - This is a publisher of SSL certificates. Something like a security company that has a database of trusted websites.
After a connection is requested, the server creates the CSR. This action then sends data that contains the public key to the CA. The CA then creates a data structure that corresponds to the private key.
The most crucial part of the SSL certificate is that it is digitally signed by the CA. This is vital because browsers only trust SSL certificates that are signed by a very specific list of CAs such as VeriSign or DigiCert. The list of CAs is strictly checked and must comply with the security and authentication standards set by the browsers.

0 Comments