A quick guide to SSL/TLS certificates


Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.Not only does it make you feel safer but it also protects people who visit your home, place of business, or website. It is important to understand the potential risks and then make sure you are fully protected against them. In the fast-paced world of technology, it is not always easy to stay abreast of the latest advancements. For this reason it is wise to partner with a reputable Internet security company.

What Is an SSL Certificate?

An SSL certificate is a digital computer file (or small piece of code) that has two specific functions:
1. Authentication and Verification: The SSL certificate has information about the authenticity of certain details regarding the identity of a person, business or website, which it will display to visitors on your website when they click on the browser’s padlock symbol or trust mark (e.g., the Norton™ Secured Seal). The vetting criteria used by
Certificate Authorities to determine if an SSL certificate should be issued is most stringent with an Extended Validation (EV) SSL certificate; making it the most trusted SSL certificate available.

2. Data Encryption: The SSL certificate also enables encryption, which means that the
sensitive information exchanged via the website cannot be intercepted and read by anyone other than the intended recipient.

In the same way that an identity document or passport may only be issued by the country’s government
officials, an SSL certificate is most reliable when issued by a trusted Certificate Authority (CA). The CA has
to follow very strict rules and policies about who may or may not receive an SSL certificate. When you have a
valid SSL certificate from a trusted CA, there is a higher degree of trust by your customers, clients or partners.
SSL stands for “Secure Socket Layer.” It is a technology that establishes a secure session link between the visitor’s
web browser and your website so that all communications transmitted through this link are encrypted and are,
therefore, secure. SSL is also used for transmitting secure email, secure files, and other forms of information.
Would you send your private information or banking details to someone on the back of a postcard? SSL creates a safe and private channel for you to communicate.

How Does SSL Encryption Work?

In the same way that you lock and unlock doors using a key, encryption makes use of keys to lock and unlock
your information. Unless you have the right key, you will not be able to “open” the information. Each SSL
session consists of two keys:

TLS certificates

• The public key is used to encrypt (scramble) the information.
• The private key is used to decrypt (un-scramble) the information and restore it to its original format
so that it can be read.

The Process:
Every SSL certificate that is issued for a CA-verified entity is issued for a specific server and website domain (website address). When a person uses their browser to navigate to the address of a website with an SSL certificate, an SSL handshake (greeting) occurs between the browser and server. Information is requested from the server – which is then made visible to the person in their browser window. You will notice changes to indicate that a secure session has been initiated – for example, a trust mark will appear. If you click on the trust mark, you will see additional information such as the validity period of the SSL certificate, the domain secured, the type of SSL certificate, and the issuing CA. All of this means that a secure link is established for that session, with a unique session key, and secure communications can begin.

Leave a Reply

Your email address will not be published. Required fields are marked *