SSL Certificates Explained (And Made Easy)

Ssl Certificates Explained Made Easy

Isn’t the Internet great? You can send and receive emails, shop online with your credit card, exchange files, or log in and manage remote systems.

It would be not-so-great if all the confidential information in those cases were to be exposed to prying eyes, hackers, or cyber criminals.

Featuring: the Invention of the Secure Sockets Layer (SSL) Protocol

SSL – Secure Sockets Layer – was invented to protect sensitive data in transmission. SSL is a security protocol designed to provide maximum security, while remaining simple enough for everyday use.

SSL, or the new generation version: TLS (Transport Layer Security), is responsible for keeping data private and ensuring it is transmitted between — and only between — the correct two end-points. SSL prevents the possibility that hackers positioned between the two end-points might siphon off or divert the data elsewhere.

What is an SSL Certificate?

An SSL Certificate is a small computer file that digitally combines a cryptographic key with an organization’s details. On a web server, for example, it allows secure connections to a web browser. Depending on the type of SSL Certificate being used by the organization, different levels of checks will be made by the Certificate Authority (CA) issuing the certificate. The CA itself holds a Root Certificate.

An SSL Certificate awarded to an organization is derived from the Root Certificate. The same Root Certificate must be present on the end user’s computer in order for the issued SSL Certificate to be trusted. Browser and operating system vendors work with Certificate Authorities, so the Root Certificate is embedded in their software.

End User and Organizational Points of View

For end users, SSL could hardly be simpler. Secure web addresses start with “https://” instead of just “http://”.

Users see a padlock symbol in their browser. And that’s about it.

By comparison, for organizations running email servers, ecommerce sites or hosting system administration resources, it’s a little more involved.

To authenticate themselves to users and customers, and prove to users they are working with the right entity, organizations need to acquire an SSL Certificate.

The Goal: Trusted Interactions Online

If the local Root Certificate and the remote-issued SSL Certificate are not correctly matched, the browser displays messages to the user concerning untrusted errors. If they are matched, the user can proceed with confidence.

The two parties (the local user’s browser and the remote web server) first exchange a symmetric encryption key. “Symmetric” means the same key is used to encrypt information that is transmitted and decrypt it on arrival at the other end. The “forward secrecy” built into the system ensures the short term symmetric key cannot be deduced from the long-term asymmetric key, for further protection against hacking.

Types of SSL Certificates

Three types of SSL Certificates exist.

1. Extended Validation (EV) SSL Certificates

These are issued only after the Certificate Authority has verified the exclusive right of the organization to use the domain name concerned and also a number of additional aspects:

  1. The legal, physical, and operational existence of the organization
  2. Consistency between the organization’s identity and official records
  3. Proper authorization by the organization of the issuance of the EV SSL Certificate

2. Organization Validation (OV) SSL Certificates

These include checking the right of the organization to use the domain name, and some, but not all, of the rest of the verification done in the case of the EV SSL Certificate above. End users can see additional information on the organization.

3. Domain Validation (DV) SSL Certificates

Finally, these limit verification to checking the right of the organization to use the domain name concerned. Consequently, end users will only see information about the encryption, not about the organization.

In Conclusion: Advantages of SSL Certification

SSL certification can be doubly advantageous for an organization.

First of all, it can ensure the confidentiality of the information being transmitted. Secondly, it proves to others that they can trust both the security and the identity of the organization. Also, just to make sure everything is under control, the Certificate Authority itself must also be audited annually to ensure it is fit to issue SSL Certificates.

Photo Sources: theatlantic.com

Advertiser Disclosure

HostingAdvice.com is a free online resource that offers valuable content and comparison services to users. To keep this resource 100% free, we receive compensation from many of the offers listed on the site. Along with key review factors, this compensation may impact how and where products appear across the site (including, for example, the order in which they appear). HostingAdvice.com does not include the entire universe of available offers. Editorial opinions expressed on the site are strictly our own and are not provided, endorsed, or approved by advertisers.

Our Editorial Review Policy

Our site is committed to publishing independent, accurate content guided by strict editorial guidelines. Before articles and reviews are published on our site, they undergo a thorough review process performed by a team of independent editors and subject-matter experts to ensure the content’s accuracy, timeliness, and impartiality. Our editorial team is separate and independent of our site’s advertisers, and the opinions they express on our site are their own. To read more about our team members and their editorial backgrounds, please visit our site’s About page.