What is SSL and why is it important?Written by Tim Sisson
SSL (Secure Sockets Layer) is a standard technology behind establishing an encrypted connection between a web server (host) and a web browser (client). This connection between the two makes sure that all the data passed between them remain private and intrinsic. SSL is an industry standard and is used by millions of websites to protect their online transactions with their customers. If you have ever visited a website using the HTTPS:// in the URL bar you were creating a secure connection via SSL. If you have an eshop or sell items via your website, SSL helps in establishing trust with your customers. They can be assured your website is who you say it is.
To create an SSL connection with a website (web server), the server must have a SSL certificate. When you activate SSL on your webserver you will be prompted to complete a series of questions about the identity of your website and your company. Then the server generates two separate cryptographic keys - one is public and the other is a private key. The public key is not secret and is placed in a CSR (Certificate Signing Request). This CSR is a basic file containing your details. You then submit the CSR, and the certificate authority (the company issuing the SSL certificate) will verify the details. Once the details are validated and a certificate is issued and installed, your server will then be able to match your Certificate to your private key. Your visitors will then be able to establish an encrypted link between your website and their web browser.
While the details of the SSL protocol are not displayed to the visitor, most browsers will display a lock or some other form of identifying that they are currently protected by an SSL encrypted session. Typically, most browsers use a lock symbol. If you would like the details of the SSL certificate you can simply click on the lock.
Most SSL Certificates contain the domain name, company name, address, city, state, and country. It also contains an expiration date of the certificate and the details of the Certificate Authority (the company who issued the SSL). When a browser attempts to establish an SSL connection to a website it checks to make sure the certificate is not expired, has been issued by a trusted authority, and is being used for the correct website. If any of these checks fails your web browser will display a warning letting the user know that the site is not secured by SSL.