What is SSL?
SSL (Secure Sockets Layer) is a standard technology behind establishing an encrypted connection between a web server (host) and a web browser (client). This connection between the two makes sure that all the data passed between them remain private and intrinsic. SSL is an industry standard and is used by millions of websites to protect their online transactions with their customers. If you have ever visited a website using the https:// in the address bar you were creating a secure connection via SSL. If you have an eshop or sell items via your website, SSL helps in establishing trust with your customers.
Understanding how the SSL connection protects your data
Using an SSL certificate creates an encrypted connection between the user’s web browser and the web server. This means that any data transmitted between the web server and the web browser can not be read without first being decrypted. This protects the data from being spied upon by someone else on the internet because they will not be able to understand the encrypted data.
How the encrypted connection is established
There a few basic steps that occur when you attempt to establish secure connection. Here’s a summary of the steps:
- You type in or select the secure URL (e.g. “https://abcdefg.com”)
- The web server receives your request and then submits a reply that attempts to establish trusted connection between the web browser and the web server – also called the “SSL handshake.”
- After the SSL certificate is verified through the SSL handshake, the data transferred between the web server and web browser is encrypted to keep it private and secure.
How to tell if a site is using SSL
While the details of the SSL protocol are not displayed to the visitor, most browsers will display a lock or some other form of identification in the address bar. This will indicate if you are currently protected by an SSL encrypted session. If you would like the details of the SSL certificate you can simply click on the lock.
What does the SSL mean to visitors?
Most SSL Certificates contain the domain name, company name, address, city, state, and country. It also contains an expiration date of the certificate and the details of the Certificate Authority (the company who issued the SSL). When a browser attempts to establish an SSL connection to a website it checks to make sure the certificate is not expired, has been issued by a trusted authority, and is being used for the correct website. If any of these checks fails your web browser will display a warning letting the user know that the site is not secured by SSL.