What is SSL?
SSl stands for Secure Sockets Layer. The name itself indicates that it is for security purpose. Secure Sockets Layer is a standard security technology for establishing an encrypted link between the web server and a browser. Basically Security is important for all kind of websites even if it is a small business.One of the most important components in online business is creating a trusted environment where the customers feel confident in making purchases. SSL certificates create a foundation of trust by establishing a secure connection.
Nowadays most of the people will like to buy the things online instead of going to shops or malls. Here, they need to enter their personal information such as their banking information for their purchasing. So security is very much important. SSL allows sensitive information such as credit card numbers, social security numbers and login credentials to be transmitted securely. Suppose if the website doesn’t have SSL, then while transmitting the information over the internet it will transfer from one computer to the destination computer. So when passing the information, there may be a chance to the man in middle can attack.
Anybody can create a certificate, but the browsers only trust the certificates that come from an organization on their trusted list of CAs. Certificate authorities are a critical part of the internet’s public key infrastructure because they issue the Secure Sockets Layer certificates that web browsers use to authenticate content sent from web servers
How SSL works?
- The browser attempts to connect to the website secured with SSL. Browser requests the web identify itself.
- Then the web server sends the copy of its SSL certificate including server’s public key.
- The browser checks whether to trust the SSL certificate or not. It checks the certificate root against a list of trusted CA.
- If the browser trusts the SSl certificate, it creates, encrypts and sends the private key using server’s public key.
- The web server sends digitally signed acknowledgement to start an encrypted session.
- Finally, encrypted data is shared between the browser and the web server.
For more info: https://www.seekahost.co.uk/