Overview

SSL (Secure Sockets Layer) is the standard security technology for encrypting a connection between a web server and a browser. Once established, this connection encrypts all traffic and ensures that all data passed between the web server and browser remains private. SSL is a standard and is used to protect online transactions with customers. Many software applications support SSL, such as web browsers, file transfer programs (SFTP), and email programs.

To enable SSL on a website, you need to get an SSL certificate that identifies you and install it on the server. The use of an SSL certificate on a website is usually indicated by a padlock icon in web browsers, but it can also be indicated by a green address bar. Once you have installed the certificate, you can access the site securely by changing the URL from http:// to https://. The server can also redirect http to https automatically.

Most SSL server certificates will only secure a single domain name or sub-domain. For example, a certificate could secure http://www.techiemaster.in or mail.techiemaster.in but not both. The certificate will still work on a different domain name, but the web browser will give an error any time it sees that the address in the address bar doesn’t match the domain name (called a common name) in the certificate. If you need to secure multiple sub-domains on a single domain name, you need to buy a wildcard certificate. For a wildcard certificate, a common name of *.techiemaster.in would secure http://www.techiemaster.in, mail.techiemaster.in, etc. There are also special certificates, such as Unified Communications (UC) certificates for Microsoft Exchange Servers, that can secure several different domain names in one certificate.
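The name check described above, as an added example that is not part of the original page. It goes slightly beyond the text by applying the usual wildcard rule (RFC 6125 style: `*` stands for exactly one leftmost label); `name_matches` and `names_cover` are hypothetical helper names, and the certificate name lists are constructed.

```python
# Added example: simplified certificate-name matching, RFC 6125 style.
# name_matches / names_cover are hypothetical helpers, not a library API.

def name_matches(cert_name: str, hostname: str) -> bool:
    """Return True if a single certificate name covers the hostname."""
    cert_labels = cert_name.lower().rstrip(".").split(".")
    host_labels = hostname.lower().rstrip(".").split(".")
    # Label counts must be equal, so *.techiemaster.in covers neither
    # techiemaster.in nor a.mail.techiemaster.in.
    if len(cert_labels) != len(host_labels) or "" in host_labels:
        return False
    first, rest = cert_labels[0], cert_labels[1:]
    if first == "*":
        # The wildcard replaces one whole leftmost label and must sit
        # in front of at least two fixed labels (rejects "*.in").
        return len(rest) >= 2 and "*" not in rest and rest == host_labels[1:]
    if "*" in cert_name:
        # Partial or non-leftmost wildcards (w*.example) are refused here.
        return False
    return cert_labels == host_labels


def names_cover(cert_names, hostname: str) -> bool:
    """A multi-name certificate is valid if any one of its names matches."""
    return any(name_matches(name, hostname) for name in cert_names)


if __name__ == "__main__":
    # Constructed certificates: single-name, wildcard, and multi-name.
    certs = {
        "single": ["www.techiemaster.in"],
        "wildcard": ["*.techiemaster.in"],
        "multi-name": ["techiemaster.in", "*.techiemaster.in"],
    }
    hosts = ["www.techiemaster.in", "mail.techiemaster.in",
             "techiemaster.in", "a.mail.techiemaster.in"]
    for label, names in certs.items():
        for host in hosts:
            verdict = "ok" if names_cover(names, host) else "name mismatch"
            print(f"{label:10} {host:24} {verdict}")
```

Note that the wildcard certificate alone does not cover the bare domain, which is why a multi-name certificate lists both.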

SSL certificates are provided by Certificate Authorities (CAs).

Certificate authority (CA)

A certificate authority is an entity which issues digital certificates to organizations or people after validating them. Every certification authority provides a Certification Practice Statement (CPS) that defines the procedures that will be used to verify applications. There are many commercial CAs that charge for their services (GeoTrust, VeriSign, etc.).

Browser compatibility

The certificate that you purchase to secure your web site must be digitally signed by another certificate that is already in the trusted store of your users’ web browsers. The web browser will then automatically trust your certificate because it is issued by someone that it already trusts. If it isn’t signed by a trusted root certificate, or if links in the certificate chain are missing, then the web browser will give a warning message that the web site may not be trusted.

How does SSL work?

When you prepare your web server to use SSL, you will be asked a few questions about your website and your company, including your web site’s domain name and your company’s name and location.

Your web server then creates two cryptographic keys: a private key and a public key.

  • The private key must remain private, or the SSL connection could be made vulnerable.
  • The public key does not need to be secret and is placed into a Certificate Signing Request (CSR), a piece of encrypted text that you will submit to a certificate authority. The certificate authority will validate your details and issue the SSL certificate, which you can then install on the web server with the private key to enable SSL.

How to Generate CSR on IIS running on Windows Server 2012 & 2012 R2

How to generate a CSR On Linux Server