What is SSL?
SSL is a transparent protocol which requires little interaction from the end user when establishing a secure session. SSL allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server, they can see and use that information.
How does the SSL certificate create a secure connection?
SSL Certificates have a key pair: a public and a private key. These keys work together to establish an encrypted connection. The certificate also contains what is called the “subject,” which is the identity of the certificate/website owner.
When a browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an “SSL Handshake”. Note that the SSL Handshake is invisible to the user and happens instantaneously.
Essentially, three keys are used to set up the SSL connection: the public, private, and session keys. Anything encrypted with the public key can only be decrypted with the private key, and vice versa.
Here are the steps:
- Browser connects to a web server (website) secured with SSL (https).
- Browser requests that the server identify itself.
- Server sends a copy of its SSL Certificate, including the server’s public key.
- Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, un-revoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
- Server decrypts the symmetric session key using its private key and sends back an acknowledgment encrypted with the session key to start the encrypted session.
- Server and Browser now encrypt all transmitted data with the session key.
Why do I need SSL on my website?
One of the best things you can do for yourself when you are running an online business is creating a trusted environment where potential customers feel confident in making purchases. Browsers give visual cues, such as a lock icon to help visitors know when their connection is secured.
As most online shoppers become more informed and savvy, they reward brands that they trust with increased business. Using an SSL/TLS certificate on your website establishes a secure encrypted connection between a browser and the server that serves the website files in order to provide an encrypted connection that protects sensitive data, such as credit card information, user-names, passwords, etc exchanged during each visit.
When this is done, your customers will want to know that you value their security and serious about protecting their information when they visit your website or pay with their credit card or even login to it or sends/receives other private information (street address, phone number, health records, etc.
I don't know how to install an SSL. Can you help me?
Our customers can install SSL certificate right from their control on a push of a button. Our tool will generate the CSR, validate the domain, download and install the certificate, and verify the installation automatically. There is virtually no time-consuming manual labor or effort from your effort to install SSL on your website. And of course we are here to assist you if you run into any issue or need help of any kind.