Friday, 27 August 2010

SSL Certificate & How it Works


What is an SSL certificate?

When you go on a website and you see a Lock sign in the browser, and the website address starts with https:// rather than the standard http://, then this will assure you that there is an SSL certificate installed on this website.

A general SSL certificate can normally be purchased from your hosting company, and installed onto your website by your web developer, a general certificate would contain the below information:

  • The certificate holder’s name

  • The certificate’s serial number and expiration date

  • A copy of the certificate holder’s public key

  • The digital signature (private key) of the certificate-issuing authority

  • So what do we need to know how SSL work

Browsers, languages and servers all talk to each other in a way that can get quite complicated for an average web user. So what do we as a website owner need to know about SSL, and how it works. Well the main reason as mentioned above is security, to offer our customers a peace of mind that their details are secure and not intercepted by third parties.

A Typical Example of how SSL Certificate works

Brett wants to buy a t-shirt online from ABC Fashions. For him to complete his purchase he will be entering his payment card details, but Brett wants to make sure that it is secure and confident.

So that data that Brett enters on the website is 1st encrypted into a meaningless ciphertext via a public key, the same data is then decrypted by a private key at ABC Fashions.  When the data is received at ABC fashions, along with a key a copy of the original message is sent (something similar as figure prints) which basically shows ABC Fusions, to check to ensure it’s the same and nothing has been changed on the Order details.

Brett may also want to check an authenticate ABC Fashions, to make sure that he is sending his information to the correct person, and not to someone else. He can authenticate and prove this via a digital certificate, which is viewable via the browser where you can see the Lock Sign. The certificate contains:

Domain Name

General Public Key

Organization Name



Above is a simple scenario of how SSL certificate works.

No comments:

Post a comment