SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser.
What is an SSL certificate used for?
An SSL certificate is a bit of code on your web server that provides security for online communications. When a web browser contacts your secured website, the SSL certificate enables an encrypted connection. It’s kind of like sealing a letter in an envelope before sending it through the mail.
SSL certificates also inspire trust because each SSL certificate contains identification information. When you request an SSL certificate, a third party verifies your organization’s information and issues a unique certificate to you with that information. This is known as the authentication process.
Why does my website need an SSL Certificate?
SSL certificates keep online interactions private even though they travel across the public Internet, and they help customers gain the confidence to provide personal information on your website. If you ask users of your website to sign in, enter personal data such as credit card numbers, or view confidential information such as health benefits or financial accounts, you need to keep the data private. You also need to assure them that your website is authenticLearn more: Get Started with SSL.
It is also used for email servers, web-based applications, server-to-server communications and more. Go to Beyond E-Commerce.
What is encryption and why are there different levels?
Encryption is a mathematical process of coding and decoding information. The number of bits (40-bit, 56-bit, 128-bit, 256-bit) tells you the size of the key. Like a longer password, a larger key has more possible combinations. In fact, 128-bit encryption is one trillion times stronger than 40-bit encryption. When an encrypted session is established, the strength is determined by the capability of the web browser, SSL certificate, web server, and client computer operating system.
How does SSL make my web site more trustworthy?
An SSL certificate contains verified information about the web site it secures to help users confirm that they are communicating with your web site. Extended Validation is the industry’s highest standard of verification and provides the most visible assurance to users: the address bar turns green in high-security browsers.
When you display the Thawte Trusted Site Seal, users can click the trust mark to view web site identification information, the third party (such as Thawte) that verified it, and the expiration date of the certificate. In newer browsers, web site identification information may appear when users hover over the address bar. They can also click the closed padlock icon.
An SSL certificate serves as a credential in the online world. Each SSL certificate uniquely identifies a specific domain (such as thawte.com) and a web server. Trust of a credential depends on confidence in the organization that issued it. Certificate authorities have a variety of methods to verify information provided by individuals or organizations. Established certificate authorities are well known and trusted by browser vendors.
What does browser compatibility mean?
When a browser or operating system encounters an SSL or code signing certificate, it checks to make sure that the certificate is valid and trusted. An SSL certificate is trusted if it is signed by a “trusted” or pre-installed root certificate. As an established, globally recognized certificate authority,
What is a public/private key pair?
Encryption is a mathematical process of coding and decoding information. Each SSL Certificate contains a public/private key pair: a private key with the code and a public key used to decode it. The private key is installed on the server and never shared with anyone. The public key is incorporated into the certificate and shared with web browsers. Learn more: How SSL Works
What is a certificate signing request or CSR?
A CSR is a public key that you generate on your server according to your server software instructions. (If you do not have access to your server, your web host or Internet service provider will generate it for you.) The CSR is required during the SSL certificate enrollment process because it validates the specific information about your web server and your organization.