Saturday, September 29, 2012

SSL certificate, the protection for your data.


What is an SSL certificate?

SSL (Secure Sockets Layer) is a cryptographic protocol serving to encrypt the connection between the hosting server that stores information and the web client (the browser of the visitor of the website). This encrypted connection provides secure access to personal and business information which should not be available to third parties. SSL is a technology already used by millions of websites through which they provide protection for online transactions with their customers.

How does an SSL certificate work?

SSL certificate encryption
The SSL certificate is installed on the hosting server of the website, and the complex mechanism of the SSL protocol remains in the background, invisible to the client. The client and the server establish communication through a procedure called the handshake. During this procedure the various means of establishing the secure connection are selected.
The handshake starts as soon as the client browser connects to a server on which the SSL protocol is installed. The server then provides several mathematical functions for encryption. The server chooses the highest function supported by the client and informs the client of its choice. The server then sends its information as a digital certificate, which contains the details of the authority that certified the server, the name of the server and the public key used for the encryption. The user then gets to check the certificate's validity. To generate the session keys used for each connection, the web client uses the public key to encrypt a random number and sends the result back to the server. The server can then decipher the number using its own private key. Now both parties have created public and private keys used to secure the information transmitted between the client and the server. This ends the handshake and secures the connection from being exposed to other parties. If any of the steps above fails, the handshake ends and the connection is not established.
This process is performed automatically by the browser and the client and is virtually undetectable by the user.
The encryption which allows the connection to be secured is a complicated mathematical process. Through this process all the information is coded and then decoded by the client and the server. The level of SSL certificate encryption is characterized by the length, in bits, of the key used by the SSL certificate. The most commonly used SSL certificates are 40 bits, 56 bits, 128 bits and 256 bits. The size of the key defines the level of security an SSL certificate has. Deciphering a well-secured connection can take a hacker equipped with the right tools as long as a million years :)

Types of SSL certificates

SSL certificates are usually divided into three groups: Regular SSL certificates, Wildcard SSL certificates and EV SSL certificates. A regular certificate can be installed on one domain and secures the information received or transmitted through this domain or subdomain only. If you want an encrypted, secure connection over several subdomains, you need a Wildcard SSL certificate. It can be used to secure multiple (as many as you have) subdomains on a single domain name.
EV SSL certificates are issued to firms and companies which are legally established. These certificates are used to build additional confidence in the company's customers.
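The difference between the regular and wildcard certificates described above, shown as an added example (not part of the original post) that follows the usual hostname-matching rules. It goes beyond the text by showing that a wildcard covers exactly one subdomain level and not the bare domain. The function names and the example.com hosts are assumptions made for illustration.

```python
# Added example: which hostnames does a certificate's name list cover?
# Sample names and hosts below are constructed for illustration.

def _labels(name):
    """Lower-case a DNS name, drop one trailing dot, split into labels."""
    name = name.lower()
    if name.endswith("."):
        name = name[:-1]
    return name.split(".")

def name_matches(host, pattern):
    """Return True if one certificate name (pattern) covers the host."""
    h, p = _labels(host), _labels(pattern)
    if "" in h or "" in p or "*" in host:
        return False                    # malformed name or wildcard as host
    if "*" not in pattern:
        return h == p                   # regular name: exact match only
    # '*' must be the whole leftmost label and must not appear elsewhere.
    if p[0] != "*" or any("*" in label for label in p[1:]):
        return False
    # Assumption/simplification: need two labels after '*' ('*.com' refused).
    if len(p) < 3:
        return False
    # '*' stands for exactly one label, so host and pattern have equal depth.
    return len(h) == len(p) and h[1:] == p[1:]

def uncovered(hosts, cert_names):
    """List the hosts that no name in the certificate covers."""
    return [h for h in hosts
            if not any(name_matches(h, n) for n in cert_names)]

REGULAR = ["www.example.com"]            # constructed single-name certificate
WILDCARD = ["*.example.com"]             # constructed wildcard certificate
SITE_HOSTS = ["www.example.com", "shop.example.com", "WWW.Example.COM.",
              "example.com", "api.shop.example.com"]

if __name__ == "__main__":
    print("regular misses: ", uncovered(SITE_HOSTS, REGULAR))
    print("wildcard misses:", uncovered(SITE_HOSTS, WILDCARD))
```

A site that also serves the bare domain or deeper subdomains needs those names listed in the certificate as well, otherwise visitors to those hosts get a certificate name mismatch.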

A usual way to spot a domain secured with an SSL certificate is by the prefix "https:" instead of the usual "http:" in the website's URL.



A valid SSL certificate is a must if:
  • Your site is an online store and accepts credit card payments or other orders
  • Your site offers online services for which subscribers have to go through a signup process
  • Your site supports login to user accounts containing private or secure details
  • Your site transmits clients' data over the Internet in any other way
You may also check TLS
