Tarun Gupta

An Exclusive Guide To SSL Certificates

Post By Tarun Gupta Post User Last Updated: Nov 13th, 2013 category Web Hosting

If you own an online business, trust and credibility are two factors that entice your buyers. You can succeed the competition only if your customers trust you. Installing SSL certificates on the websites is probably one among the best methods to gain the customer's confidence in your services. If you are new to this term or need to learn more about the same, this article has all to unleash.

All About An SSL Certificate

What is an SSL Certificate:

Put simply, an SSL certificate is like a passport that authenticates and establishes the credentials of a website and encrypts information for the server using Secure Sockets Layer technology. When an individual user sends information to the web server, browser accesses the digital certificate and establishes a secure connection. An SSL Certificate contains following information in it:

  • Name of the certificate holder (Company or Individual).
  • Serial number of the certificate and its expiry date.
  • Copy of certificate holder's public key.
  • Digital signature of the certificate issuing authority.

To obtain an SSL certificate for your website, you must generate and submit a CSR (Certificate Signing Request) to an issuing authority. The authority thereafter will authenticate your identity and other details related to the site ownership before issuing you a legitimate and secure certificate.

To Whom These Certificates Are Offered ?

SSL certificates are offered only to those who have website ownership with domain control and verified business credentials and contact information. An SSL certificate guarantees that the owner of the certificate has the legal rights to use this domain.

Public and Private Keys :

When a user creates a CSR,the web server generates two distinct and very unique keys namely private key and public key. The public key is used to encrypt the message to the server and to contain it in your certificate. A private key on the contrary is stored on your local computer and successfully decrypts the secure message to be read on your server. Web server matches the issued SSL certificate with the private key to establish a link between website and customer's web browser.

How SSL Certificate Works

An innovative SSL 'handshake' process establishes the SSL encrypted connection against the end user request. When a user sends request to its browser a process is triggered that includes the following steps:

  • Visitor's browser requests a secure session from the Web server.
  • Server then responds and sends server certificate to user's web browser.
  • Browser verifies the validity of the certificate on a number of parameters.
  • Post-validation, browser generates one time session key and encrypts it with server's public key.
  • Visitors browser then sends encrypted session key to the server to ensure individual copies to each.
  • Using the private key, server decrypts the session key.
  • Once the SSL' handshake' process gets completed, an SSL connection establishes.
  • A visible padlock icon appears in the browser's status bar as an indication of a secure session underway.

Strong Protection Against Phishing :

An SLL certificate is a great combat against the website phishing and pharming. These certificates are now offered by almost every Website Hosting Service provider. The certificate helps to prevent users from being hacked by Phishing and Pharming. Phishing is an attempt to steal and damage sensitive personal information from a website by posing like a legitimate one. SSL certificates are the most trusted and stringent fraud-prevention measures to detect the fraudulent intrusion into the website.

Comments are closed.