SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.
An organization needs to install the SSL Certificate onto its web server to initiate a secure session with browsers. Once a secure connection is established, all web traffic between the web server and the web browser will be secure.
How Does an SSL Certificate Work?
- SSL is a security protocol that protects user data during its transfer from your servers to the client’s browser.
- Here’s what happens when a user wants to connect to secure website:
- User visits SSL secured web site, browser sends a ‘Client Hello’ to web server to request secure / SSL session.
- Web server responds to user / browser with certificate, including the public key.
- User browser will verify the certificate w.r.t Certificate Authority and validity from browser database.
- If certificate is valid, browser will generate unique session key, encrypt with server’s public key and send encrypted key to server.
- Server will then decrypt the message using private key and maintain the session key. A transaction establishes a secure communication pipe, user browser and server will now use session key to send information back and forth.
- A transaction ensures: Only user browser and server will have the session key, communication is protected. User is communicating with a web site which has been vetted to confirm the identity of organization requesting the details from user and the domain which represent the organizations application.
Why Do I Need An SSL Certificate?
SSL Certificates protect your sensitive information such as credit card information, usernames, passwords etc. It also:
- Keeps data secure between servers
- Increases your Google Rankings
- Builds/Enhances customer trust
- Improves conversion rates
How is SSL encryption length determined?
Misunderstanding among users is that SSL certificate dictates the strength of the encryption. Strength of SSL session is actually the function of strength of the browser and compatibility of the server. If the browser is limited to 128-bit encryption, then only a 128-bitsession will be established, even if the Web server supports 256-bit sessions. If both the browser and server support 256-bit encryption, then a 256-bit session can be established.