What is an SSL certificate and how does it work
Definition
Secure Sockets Layer ( SSL) certificates are small data files that digitally link a cryptographic key to an organization’s details. When an SSL certificate is installed on the web server, it enables the lock and the https protocol , allowing secure connections from a web server to an Internet browser.
SSL is typically used to secure credit card transactions, data transfers, and logins, and more recently is becoming the norm when securing browsing on social networking sites.
Advantages of an SSL certificate
It is good practice to install an SSL certificate on a website, because:
- An SSL certificate protects sensitive information such as credit card information, usernames, passwords, etc.
- An SSL certificate keeps data secure between servers
- An SSL certificate increases your Google rankings
- An SSL Certificate Builds/Improves Customer Trust
- An SSL certificate improves conversion rates
SSL Disadvantages
- Cost is a disadvantage. SSL providers must set up a trusted infrastructure and validate your identity for a fee.
- Performance is another disadvantage of SSL. Because the information you send has to be encrypted by the server, it takes more server resources than if the information were not encrypted.
In general, the disadvantages of using SSL are few and the advantages are greater. Proper use of SSL certificates will help protect customers, businesses, and transactions between the two.
How do SSL certificates work?
- A browser or server tries to connect to an SSL-protected website or web server.
- The browser/server requests that the web server identify itself.
- The web server sends the browser/server a copy of its SSL certificate.
- The browser/server checks whether or not it trusts the SSL certificate. If so, it sends a message to the web server.
- The web server sends a digitally signed acknowledgment to start an SSL encrypted session.
- The encrypted data is shared between the browser/server and the web server.
Where to buy an SSL certificate?
SSL certificates must be issued from a trusted certificate authority. Browsers, operating systems, and mobile devices maintain a list of trusted root certificates. The root certificate must be present on the end user’s machine for the certificate to be trusted. If it is not trusted, the browser will present untrusted error messages to the end user. In the case of e-commerce, such error messages result in an immediate lack of confidence in the website and organizations risk losing the trust and business of most consumers.
