SSL, short for Secure Socket Layer, is an Internet standard security technology that is used to provide an encrypted (or secure) connection between a web server (site) and a browser (Internet Explorer, Opera, Chrome, Firefox). This secure connection ensures that the information sent from your browser to the server remains private; that is, protected from hackers or anyone who wants to steal information. SSL is an industry standard and is used by millions of websites to protect and secure any sensitive or private data that is sent through your site. One of the most common uses of SSL is to protect the customer during an online transaction (purchase of goods, payment).
To establish a secure SSL connection, the web server must have an SSL certificate installed. When you go through the process of activating SSL on your server, you will be asked a series of questions to verify the authenticity of your domain and your company. Once completed, your web server will create 2 types of cryptographic keys – one called the private key and one called the public key.
The public key is not secret and is placed in a so-called Certificate Signing Request (Certificate Signing Request), often called CSR. A CSR is a file that contains the information you entered about an organization. When the CSR is generated, you can start applying for an SSL release. During this process, the CA (Certification Authority) will verify the data you entered and after successful verification will issue an SSL certificate with your data and allow you to use SSL. Your server will automatically compare the issued certificate with the generated private key. This means that you are ready to provide an encrypted and secure connection between your site and your customers’ browsers.
The SSL protocol is complex, but this complexity is always invisible to your clients. The browser does all the work. The browser will show that the current session is protected by SSL encryption – sometimes it is the lock icon in the lower right services, or an extra “s” at the end of the http protocol, and on high level certificates – the main indicator of a secure connection is a green line in the browser, with the name of your organization. All well-known certification centers issue SSL certificates for organizations or legal entities.
Generally speaking, SSL certificates contain and display (at least one of) your domain name, your organization name, your address, your city and your page. Also the certificate always has an expiration date and of course the details of the certification authority responsible for issuing the certificate. The browser connects to a secure site and gets an SSL certificate from it and first checks that it hasn’t expired, then it checks that it was issued by a CA it knows and then that it is used on the site for which it was issued. If one of these settings fails, the browser displays a warning to the visitor to notify them that this site does not use SSL security. He suggests leaving the site or continuing with great care. This is the last thing you should tell potential customers. That’s why SSL is very important for any successful company that does business online.