How SSL Works
Secure Sockets Layer (SSL) technology protects transactions between your Web site and visitors. The protocol uses a third party, a Certificate Authority (CA), to identify one end or both end of the transactions. This is in short how it works.
- A browser requests a secure page (usually https://).
- Once secure transaction is initiated. The web server sends its public key with its certificate.
- The browser checks that the certificate was issued by a trusted party (usually a trusted CA such as RapidSSL, VeriSign, Thawte, GeoTrust etc), that the certificate is still valid and that the certificate is related to the site contacted.
- The browser then uses the public key, to encrypt a random symmetric encryption key and sends it to the server with the encrypted URL required as well as other encrypted http data.
- The web server decrypts the symmetric encryption key using its private key and uses the symmetric key to decrypt the URL and http data.
- The web server sends back the requested html document and http data encrypted with the symmetric key.
- The browser decrypts the http data and html document using the symmetric key and displays the information.
In addition to encryption security, SSL certificates gives important visual cues to website visitor that they are in secure environment.
Extended Validation SSL turns high security browser's address bar into "Green"
This SSL certificates gives website visitors an easy to understand and reliable way to establish trust online.
You need SSL...
- If you accept online orders and process credit cards information
- If you offer a login or sign in on your site
- If you are processing sensitive data or information such as address, birth date,license, or ID numbers
- If you need to comply with privacy and security requirements
- If you need to secure email server(POP, IMAP, SMTP), vpn server, ftp server, controlpanels, webmail or any other web applications.