While looking for a web hosting plan, you might have heard about the term Secure Sockets Layer (SSL). Now what is SSL?. The SSL is a security tool used to establish an encrypted link between the server and the browser. The SSL makes sure that the data which is passing through the server and the browser are encrypted so that the data remains safe and it can not be misused by any one. Since the data is in a encrypted form, so even if somebody manages to intercept the data, he will not able to decrypt it. Due to this feature most of the financial transaction which happens online are routed through SSL connection. The SSL certificates are important for a website in which financial transactions take place as people fill out their credit cards numbers, their names, etc on the web site’s check out page which can be intercepted by a hacker who can misuse the data.
For establishing an SSL connection, the first requirement is to get a SSL certificate. To get an SSL certificate, an individual or company must generate and submit a Certificate Signing Request (CSR) to a trusted Certification Authority. The Certification Authority then verifies the requester’s identity, existence and domain ownership before they issue an SSL Certificate.
The Certification Authority’s Web server software creates two unique keys. First one is a public key, which is used by the visitor’s browser to encrypt messages before sending them to the receiving server, and a private key, which is stored on the Certificate holder’s server and it is used to “decrypt” the secure messages after receipt. The public key need not be secret while the private key is highly secret.
In order to establish a secure, encrypted link between your website and your customer’s Web browser. Your Web server will compare your issued SSL Certificate to your private key, the private key has access only from your webserver which only can decrypt the SSL encrypted data.
Most of the web browsers have a list of trusted Certification Authorities for SSL certificates and thus any SSL connection established through the certificates issued by trusted certification authorities are recognised. For connections coming from unknown SSL certificate, web browsers issues warning to the users about unreliability of the certificates.