Secure Sockets Layer (SSL) is a standard technique for transmitting documents securely across a network. SSL technology, created by Netscape, establishes a secure connection between a Web server and a browser, ensuring private and secure data transmission. SSL communicates using the Transmission Control Protocol (TCP).
The term "socket" in SSL refers to the method of sending data via a network between a client and a server.
To use SSL for secure Internet transactions, a Web server requires an SSL certificate. SSL encrypts network connection segments atop the transport layer, a network connection component above the program layer.
SSL is based on an asymmetric cryptographic process in which a Web browser generates both a public and a private (secret) key. A certificate signing request (CSR) is a data file that contains the public key. Only the recipient receives the private key.
SSL encrypts data communicated across the web to guarantee a high level of privacy. Anyone attempting to intercept this data will see only a jumbled mess of characters that is nearly impossible to decrypt.
SSL begins an authentication process known as a handshake between two communicating devices to confirm that both devices are who they say they are.
SSL also digitally signs data to provide data integrity, verifying that it has not been tampered with before reaching its intended receiver.
SSL has gone through multiple incarnations, each one more secure than the last. TLS (Transport Layer Security) was introduced in 1999, replacing SSL.
The goals of SSL are as follows −
Data integrity − Information is safe from tampering. The SSL Record Protocol, SSL Handshake Protocol, SSL Change CipherSpec Protocol, and SSL Alert Protocol maintain data privacy.
Client-server authentication − The SSL protocol authenticates the client and server using standard cryptographic procedures.
SSL is the forerunner of Transport Layer Security (TLS), a cryptographic technology for secure data transfer over the Internet.
Are you ready to protect your website? The following is the fundamental approach for requesting a publicly trusted SSL/TLS website certificate −
The individual or organization requesting the certificate generates a pair of public and private keys, which should be stored on the server being protected.
A certificate signing request (CSR) is generated using the public key, the domain name(s) to be protected, and (for OV and EV certificates) organizational information about the company requesting the certificate.
A publicly trusted CA (such as SSL.com) receives the CSR. The CA verifies the information in the CSR and generates a signed certificate that the requester can install on their web server.
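The first two steps above can be carried out with the OpenSSL command-line tool. The script below is an added example, not part of the original article: it generates the key pair and the CSR, then checks that the CSR is self-consistent before it is sent to a CA. The domain www.example.com, the organization "Example Org" and the file names server.key and server.csr are placeholders, and the -addext option assumes OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Added example: key pair and CSR generation with the openssl CLI.
# Placeholders (not from the article): www.example.com, "Example Org",
# server.key, server.csr.

make_csr() {
    # $1 = output directory, $2 = domain name to protect
    # Step 1: generate the private key on the server; umask 077 keeps the
    # file readable by its owner only. The key is never sent to the CA.
    ( umask 077
      openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
          -out "$1/server.key" 2>/dev/null ) || return 1
    # Step 2: build the CSR from the public key, the domain name and the
    # organizational information. The CSR is signed with the private key.
    openssl req -new -key "$1/server.key" -out "$1/server.csr" \
        -subj "/C=US/O=Example Org/CN=$2" \
        -addext "subjectAltName=DNS:$2" 2>/dev/null || return 1
}

check_csr() {
    # $1 = directory, $2 = expected domain name
    # Succeeds only if the CSR's self-signature verifies, the requested
    # domain is present, and the CSR's public key matches the private key.
    openssl req -in "$1/server.csr" -noout -verify 2>&1 \
        | grep -q 'verify OK' || return 1
    openssl req -in "$1/server.csr" -noout -text \
        | grep -q "DNS:$2" || return 1
    csr_pub=$(openssl req -in "$1/server.csr" -noout -pubkey | openssl sha256)
    key_pub=$(openssl pkey -in "$1/server.key" -pubout | openssl sha256)
    [ -n "$csr_pub" ] && [ "$csr_pub" = "$key_pub" ]
}

# Demonstration in a throwaway directory.
demo_dir=$(mktemp -d)
if make_csr "$demo_dir" www.example.com && check_csr "$demo_dir" www.example.com
then
    echo "CSR ready to submit to the CA: $demo_dir/server.csr"
fi
```

Only server.csr is submitted in the third step; the final public-key comparison catches the common mistake of pairing a CSR with the wrong private key before the CA issues a certificate that the server cannot use.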