What is SSL?
SSL, Secure Sockets Layer, is a security-based communication protocol responsible for establishing encrypted connections between web servers and web browsers during online communications.
Purpose of SSL
The primary use of SSL technology is the protection of online communications, including e-commerce and transactions that require users to submit confidential data such as social security numbers, login names, passwords, and credit card info. Data sent without SSL technology is sent in what's called "plain text", which means it can be intercepted and used against the owner's will. Having SSL technology in place ensures data is encrypted before being sent, making it indecipherable if intercepted. This is made possible by the installation of an SSL certificate on the web server hosting the web domain.
The SSL Certificate
SSL Certificates are digitally signed files obtained from what's known as a Certificate Authority (CA). A Certificate Authority is an entity allowed to issue digital certificates to web domain owners. Examples of Certificate Authorities include SSL.com, Comodo, and DigiCert.
Types of SSL Certificates
The first step is determining which certificate is needed for the environment.
- Single Domain Certificate: allows you to secure a single web domain name.
- Multi-Domain Certificate: allows you to secure multiple domains on a certificate. Examples include mydomain.com, mydomain.net, mydomain.us.
- Wildcard Certificate: allows you to secure a single domain with unlimited subdomains of that same domain. Examples include mydomain.com, help.mydomain.com, shop.mydomain.com.
- Extended Validation Certificate: allows you to secure a single domain, but it provides a higher degree of authentication and SSL protection. In addition, it turns the address bar green for visitors.
Certificate Signing Request (CSR)
Before ordering an SSL certificate, the web domain owner has to generate a Certificate Signing Request (CSR) file for the web server. This process is known as the SSL Certificate application process. The CSR file is an encoded data file containing information about the domain, including its name and expiration, along with company info such as name, address, city, and state; key type and size; issuer signature; and serial number.
SSL Certificate Keys
While completing the SSL certificate application, the web server will create two cryptographic keys, called the Public Key and the Private Key, which are used to authenticate, secure, and manage encrypted connections. The Public Key is placed into the CSR and submitted so that the Certificate Authority can validate the information and issue the SSL certificate. The web server then matches the newly issued SSL certificate to your Private Key. Once the SSL certificate is confirmed, the web server is able to establish secure connections between the website and customer browsers. This results in the URL changing from HTTP to HTTPS and a new SSL indicator in the form of a lock being displayed in the web browser, signaling to users that their session is encrypted. Other SSL protocols affected by this change include FTPS, IMAPS, POP3S, SMTPS, NNTPS, LDAPS.
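
The CSR and key-matching steps described in the two sections above, as an added example using the OpenSSL command line (not part of the original article). The subject values, file names and the function names `make_csr`, `pub_fp`, `matches_key` and `demo` are assumptions for illustration, and the CSR is self-signed here only as a stand-in for the certificate a CA would return.

```shell
#!/bin/sh
# Added example. Subject values and file names are constructed placeholders.

# Create a 2048-bit RSA private key plus a CSR carrying the matching public key.
make_csr() {  # $1 = key file, $2 = CSR file, $3 = domain (common name)
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1" -out "$2" \
        -subj "/C=US/ST=State/L=City/O=Example Co/CN=$3" 2>/dev/null || return 1
    chmod 600 "$1"   # the private key stays on the server, readable by its owner only
}

# SHA-256 fingerprint of the public key held in a private key, CSR or certificate.
pub_fp() {  # $1 = key|csr|cert, $2 = file
    case "$1" in
        key)  pem=$(openssl pkey -in "$2" -pubout 2>/dev/null) ;;
        csr)  pem=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) ;;
        cert) pem=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) ;;
        *)    return 2 ;;
    esac
    # An unreadable file must fail here, not hash to the digest of empty input.
    [ -n "$pem" ] || return 1
    printf '%s\n' "$pem" | openssl dgst -sha256 | awk '{print $NF}'
}

# Succeeds only when the CSR or certificate contains the public half of the key.
matches_key() {  # $1 = csr|cert, $2 = file, $3 = private key file
    a=$(pub_fp "$1" "$2") || return 1
    b=$(pub_fp key "$3") || return 1
    [ "$a" = "$b" ]
}

demo() {
    d=$(mktemp -d) || return 1
    make_csr "$d/site.key" "$d/site.csr" shop.mydomain.com || return 1
    # Stand-in for the CA: self-sign the CSR so there is a certificate to check.
    openssl x509 -req -in "$d/site.csr" -signkey "$d/site.key" -days 1 \
        -out "$d/site.crt" 2>/dev/null || return 1
    # An unrelated key, as if the wrong key file had been installed.
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -out "$d/other.key" 2>/dev/null || return 1
    matches_key cert "$d/site.crt" "$d/site.key"  && echo "site.key: match"
    matches_key cert "$d/site.crt" "$d/other.key" || echo "other.key: mismatch"
    rm -rf "$d"
}

demo
```

Only the CSR file is sent to the Certificate Authority; running `matches_key cert` against the returned certificate before installing it catches a certificate paired with the wrong key file.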