What is SSL?
SSL and TLS encryption are standard protocols for communication between the user (web browser) and e-commerce sites with SSL support(secure sockets layer). Data transmitted between browser and server is encrypted using a protocol based on two key authentication, one public and one private. Data sent from browser to web server is encrypted using public key site, which guarantees that the message can be decoded only by the server that is hosted website. Meanwhile, the digital certificate signed by a certifying authority recognized by the browser, ensures the true identity of the site but also prevents the interception of data transmission path, independent of the route of comunication .
Users realize a site that uses SSL secure connection by Web browser that displays an icon in the upper right with a gold lock. Newer versions of browsers such as Firefox and Internet Explorer 7.8 and 9 show in the same time the address bar green or golden color, guaranteeing secure communication. SSL certificates can be used for application-level communication security (such as for example the sending and receiving e-mails secure).
Why is recommended to use SSL?
SSL technology provides greater privacy and security than an encrypted web connection. This reduces the risk that the information be intercepted and misused by a third party. Many visitors to websites have more confidence to share personal information when they know that the website is using an SSL connection.
How can I know if my Web pages are secured by SSL?
Most Web browsers display a padlock icon when a SSL connection is established. See SSL indicators of Google Chrome as an example.
The simplest test is to enter the browser web address you want to check, including https:// at the beginning, for example, https://adwords.google.ro. If the browser dispalys a padlock icon, click it for more information to confirm the existence of a secure connection. If there is a padlock icon, it means the page is secured by SSL.
Note that many websites use SSL only to certain pages, where they transmit sensitive information such as password or credit card number.
SSL certificates can be used by online shops to protect as much information sent and received between stores and customers (data about credit cards, bank accounts, transactions, accounts, PINs, etc.). Also can be used when information transferred to or from the client are confidential (medical, insurance, user name, password). Customers of online businesses need to know that their personal data are processed safely to complete the transaction.
Here are the benefits of an SSL certificate:
- Guarantees and protects the transmission of information in the online environment, ensuring the security of communication with your users
- Confirm the identity of the website on the Internet
- Ensure the authenticity of the website by checking the owner of the information before issuing certificate
- Encryption protects information transmitted between client and server, and data is protected against unauthorized viewing or modification.
How does it work ?
By using an SSL certificate in the hosting account you can protect against any attacks on the inserted information on the site. Data transmitted between the visitor's browser and server are encrypted through a protocol based on two authentication keys: a public key to encrypt data in the browser and a private key, specify the security certificate installed on the Web server that validates server and decrypts data. The two keys are generated simultaneously by the certifying authority based on a mathematical code that provide dependent one from the other, so a message can be encoded and decoded with one of them only the other key. Another important thing: the private key is held only unit applicant certification and not by SSL certificate. SSL certificates are always transmitted encrypted private key, but the client browser is just validating the public key to check if issued by the certifying authority with its own private key secrecy. Just after verification, the client browser is allowed to extract the public key and the SSL certificate. With public key will be created and encoded another key, called symmetric session key. This key is used to encrypt all messages that flow in both directions.