What is an SSL certificate and how does it work?

Secure Sockets Layer

Secure Sockets Layer (SSL) is a protocol for encrypting and authenticating data transferred between a web server and an application. When you or your users enter data on your site, it passes through several touch points before arriving at its eventual destination. Without SSL, this data is transferred as plain text and can be intercepted or altered by hostile parties. SSL provides point-to-point encryption to ensure data security during transmission.

SSL connections include a message authentication code (MAC) to ensure that data is not lost or altered during transmission. The MAC lets the receiver confirm that the data sent arrived without being tampered with or maliciously changed.
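The integrity check described above, as an added example that is not code from the original page. It follows the record MAC of TLS 1.2 cipher suites that use HMAC, leaves out encryption to isolate the integrity check, and uses hypothetical names (`Endpoint`, `record_mac`, `demo`) and a constructed key.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23  # record content type for application data
VERSION = (3, 3)       # version bytes for TLS 1.2
TAG_LEN = 32           # HMAC-SHA256 output size


def record_mac(mac_key, seq, fragment):
    """MAC over the implicit sequence number, record header fields and payload."""
    header = struct.pack("!QBBBH", seq, APPLICATION_DATA, *VERSION, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


class Endpoint:
    """One side of a connection; the sequence number is counted, never sent."""

    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0

    def protect(self, fragment):
        tag = record_mac(self.mac_key, self.seq, fragment)
        self.seq += 1
        return fragment + tag

    def accept(self, record):
        fragment, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        expected = record_mac(self.mac_key, self.seq, fragment)
        if len(record) < TAG_LEN or not hmac.compare_digest(tag, expected):
            raise ValueError("bad_record_mac")
        self.seq += 1  # advance only after a record verifies
        return fragment


def demo():
    key = b"constructed-sample-mac-key"  # constructed; real keys come from the handshake
    tx, rx = Endpoint(key), Endpoint(key)
    r0, r1, r2 = [tx.protect(m) for m in (b"amount=10", b"to=alice", b"confirm")]
    results = {"intact": rx.accept(r0)}
    # A real implementation closes the connection on the first failure;
    # the loop continues only to show both cases.
    for name, rec in (("altered", r1.replace(b"alice", b"mallo")), ("r1_dropped", r2)):
        try:
            results[name] = rx.accept(rec)
        except ValueError as err:
            results[name] = str(err)
    return results
```

Because the sequence number is part of the MAC input, a record that arrives after an earlier one went missing fails verification just as an edited record does.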

SSL Certificate

An SSL certificate shows users that your website is safe and secure, with encryption in place to protect against attacks. This is especially critical if you're providing a transactional service that requires a user to provide personal and payment information.

Ensuring that your website is SSL certified helps build confidence with users, who will recognize your offering as having greater authenticity than sites that do not have the certificate.

The X.509 standard defines the SSL certificate structure. It specifies which data fields should appear in the SSL certificate. Depending on the format and encoding, the certificate files have different extensions.

A variety of SSL certificates is available. Some types are based on the number of domain names or subdomains owned, including Single, Wildcard, and Multi-Domain. Others are based on the level of validation required, such as Domain, Extended, and Organization Validation.

How Does an SSL Certificate Work?

SSL secures the data sent between users and websites or between two systems, making it hard for anyone else to read.

  • SSL scrambles the data in transit using encryption methods, preventing hackers from accessing it as it travels over the network. This data may include sensitive information.

  • When a browser or server tries to connect to a website (i.e., a web server) secured using SSL, the web server is asked to identify itself.

  • In response, the web server transmits a copy of its SSL certificate to the browser or server, which then checks whether it trusts the certificate. If it does, the web server is notified.

  • The web server then responds with a digitally signed acknowledgment, allowing the browser or server to begin an SSL encrypted connection. From then on, encrypted data is exchanged between the browser and the web server.

The term HTTPS (HyperText Transfer Protocol Secure) appears in the URL when an SSL certificate secures a website. Only the letters HTTP - not the "S" for Secure - will appear if you don't have an SSL certificate.