(4 votes, average: 5.00 out of 5)
You may have heard you need an SSL Certificate, but you might not be sure what it is or what it does. No problem. We’re here to help you.
An SSL Certificate accomplishes two things. First, it enables an encrypted connection between a client (web browser) and a web server (website). We’ll get to how it does later, but for now, just remember that protects the communication between individuals and websites. Without this, the entire data transferred would be out in the open – vulnerable to getting intercepted, stolen or manipulated.
The second thing an SSL Certificate accomplishes is authentication. For the sake of not getting you bored, we’ll keep the description of this brief. Authentication is what lets a web browser know that a site can be trusted. When you visit a website, what is the guarantee that you are on the site that you are meant to be and it is run by the organization that says it is? SSL certificate or HTTPS takes care of this. The SSL certificate enables signs such as green address bar, a padlock, ‘HTTPS’ prefix etc. Such signs help you identify if the website you’re on is genuine or not. The nature of such trust-signs depends upon the validation level of the SSL certificates. There are mainly three types of SSL certificates – DV, OV, and EV. We won’t get into their details here. However, if you want to learn about them, you should click here.
In this blog, we’ll be focusing mostly on the encryption aspects of an SSL Certificate. Let’s take a closer look.
When a web browser first accesses a website the two communicate in what is called the “SSL Handshake.” This is a process where credentials are exchanged and an encrypted connection is agreed upon.
Let’s understand the SSL Handshake bit-by-bit.
This entire process is called SSL handshake. On the successful completion of this process, a secure connection is in place between the client and the server. From now on, every bit of data transferred between browser and server will be encrypted.
Note here that the browser decides whether it trusts the certificate on the basis of whether or not it was issued by a trusted Certificate Authority and whether its information/signature is up to date.
And there you have it. That’s what an SSL Certificate enacts encryption between a browser and a server.