A Guide to SSL
What is SSL?
SSL stands for Secure Sockets Layer, and it establishes an encrypted link between a web server and a browser. It is the standard securing technology for doing so. This encrypted link ensures that all data passed between the server and the browser is kept private and secure. In order to create an SSL connection that positively identifies the server, an SSL certificate needs to be purchased.
SSL is an industry standard. It is used by millions of websites in order to protect online transactions with customers.
An SSL certificate typically includes the person or company’s:
- Domain name
- Company name
- Expiration date of the Certificate
- Details of the Certification Authority responsible for the Certificate issuance
How does it work?
Once deciding to activate SSL on your website and selecting a vendor to purchase the SSL through, the SSL provider will take the user through a series of questions about the identity of the website and company. After these are validated, the web server will then create two cryptographic keys:
- A Private Key // This key does not need to be a secret, and it is placed into Certificate Signing Request (CSR), which is a data file that also contains details of your SSL and website
- A Public Key // Once the CSR is submitted and all the information in the CSR is validated, it will allow the user to use SSL and match the SSL to the Private Key.
The web server will then be able to create the encrypted link between the website and the customer’s web browser. While the protocol of this remains invisible to the customers, users will be able to view the SSL certificate if they click the lock displayed in the address bar of their browser. Browsers also allow access to the details that will ensure users that they are connecting to the website they believe they are.
But why do I need an SSL?
- SSL is considered the backbone of a secured internet and it protects people’s information as it travels across the world.
- It keeps sensitive information encrypted as it travels from computer to computer.
- It gains customers’ trust.
How do I purchase an SSL Certificate?
What you need:
- A dedicated IP address // The recommended configuration for using SSL is have it assigned at the IP address level.
- A CSR containing all the information needed to create the SSL certificate. This can be done directly on the server or by using tools such as this.
- Correct contact information in WHOIS record // WHOIS is a domain name search containing information about websites. This is used to verify that you are a legitimate requestor for your domain.
- Business/Organization validation documents // Some levels of SSL certificate signing require extended verification.
There are many places online to purchase an SSL certificate: