How Do SSL Certificates Work?

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

As we all know, Cyber Security has become a major concern for all Internet users. An SSL certificate is by far the best and easiest solution to secure websites and the data transmitted through them from getting stolen or hacked. The acronym “SSL” stands for Secure Socket Layer and is referring to the layer that the security protocol takes place on. In laymen’s terms, it secures your websites with encryption.

When a browser attempts to access a website that is secured by an SSL certificate, the browser recognizes the SSL and then the web server and browser establishes a secure connection or session. This process is sometimes called an “SSL Handshake” (see diagram below). Note that the SSL handshake happens instantaneously and remains invisible to the users.

There are three keys used to set up to establish an SSL connection: public, private, and session keys. Basically, anything encrypted with the public key can only be decrypted with the matching private key and vice versa.

See Also: The World’s Top 10 Cheap SSL Certificate Providers 2017

Generally, encrypting and decrypting with private and public keys takes a lot of processing power, therefore they are used only during the “SSL handshake” to create a symmetric session key. After the secure connection is established, the session key is used to encrypt all the transmitted data.

How SSL Certificates Work

Functions of SSL Certificate

SSL Certificate comes up with 2 important functions

1) SSL Encryption, which allows user to securely transmit the data over internet

2) Identity validation, which verifies whether the business is legitimate or not.

Comodo-Positive-SSL-Certificate-review

Server Browser Communication – Learn How SSL Certificate Works

When a user access an SSL secured website,

  • The browser tries to connect that SSL encrypted website.
  • Then browser asks the web server to identify itself.
  • For identification, the servers send SSL Certificate’s copy to the browser.
  • Now the browser analyzes the certificate and verifies whether to trust it or not.
  • If the browser trusts the certificate, it gives a message to the server
  • After that, to start the SSL encrypted session, the server sends back a digitally signed acknowledgment to the browser.
  • Now the Data shared between browser and server is being encrypted and HTTPS appears.

How to Enable HTTPS or How to make a Website HTTPS Encrypted?

Get an SSL Certificate: First, you need to have an SSL Certificate to enable HTTPS. Mainly there are 3 types of certificates for web security (1) Domain Validation (2) Organization validated (3) Extended Validated. Get any of these SSL Certificates in accordance with your needs. You can get SSL certificate either from the SSL certificate authority’s website or via resellers. Buying from the resellers is a better option as they offer certificates at discounted prices.

Generate CSR and Private Key: Once you adopt an SSL certificate, the very next step is to generate CSR and private key. CSR (Certificate Signing Request) will be generated using CSR tool which will be available on Certificate Authority or on your Server manager. Fill out the correct information during CSR generation process. You will get CSR and Private-Key in encoded (cryptographic) format. Save the CSR and Private-Key at a safe location on your server or on a local drive.

Domain and Business Validation: After CSR and Private-Key generation, the certificate will ask the issuer to submit several business documents for verification. In the case of domain validation, the verification process will be completed by checking the domain registrar’s information via Email or by uploading File.

In the case of organization validated (OV), extended validation (EV) and code signing certificate option, the business document verification is mandatory. Here, the user needs to submit documents required by the certificate authority. After verification, if the documents meet the requirements of the CA, it will quickly approve the certificate.

Note: Documents required by CA might change from one authority to the other.

SSL Installation: Once the domain & business have been verified by CA, the SSL certificate is now ready to be installed on the server. The user must know how to Install SSL certificate on his/her server.

On the successful installation of the certificate on the server, the website becomes ready with HTTPS. Now secured connection is established when a visitor visits that SSL encrypted website.

How the Website encrypted with SSL Certificate will look in a browser?

Domain Validated SSL – Website secured with DV SSL Certificate will only display HTTPS with Green Pad Lock.

Domain Validation Function

 

Organization Validated SSL – Website Secured with OV SSL Certificate will display HTTPS with Green Pad Lock and it also displays business information in the website seal.

Organization Validation SSL - Function

Extended Validated SSL – Website Secured with OV SSL Certificate will display HTTPS, Green Address Bar along with organization name in URL and business information will also be displayed in the website seal.

EV SSL Certificate - Function

More about SSL:

comodo-code-signing-banner-aboutssl-org