SSL stands for Secure Sockets Layer, a cryptographic (encrypted) protocol designed to provide secure communications over a computer network. To establish a secure (encrypted) connection, a small data file with a digitally bound secure key is used as an organisation’s identity; this data file is called an SSL Certificate.

[Image: green closed padlock representing SSL / HTTPS]

When an SSL certificate is installed on a web server or a network device, it enables the HTTPS protocol to establish secure connections between the web server and an Internet browser such as Chrome, Firefox, Internet Explorer or Safari. Browsers often indicate HTTPS with a green padlock icon or the word “SECURE”.

Traditionally, SSL Certificates were used only on part of a website, mostly the checkout sections of e-commerce websites or login areas for registered users. This was because an HTTPS / encrypted connection slowed the website's loading time a little. However, with the advancement of technology, speed is no longer a concern, so these days most website developers / owners install an SSL certificate globally and enable HTTPS on the entire website.

Depending on the level of certification, an SSL certificate will contain:

  • Domain name validation and server name / hostname.
  • Details of issuing Certification Authority (CA).
  • Organisation’s identity including company name, location (address).

Why Does A Website Need An SSL Certificate?

SSL Certificates protect your sensitive information such as credit card information, usernames, passwords and other personal data on transmission between a user’s internet browser and the web server.

  • Encrypts / secures the data between a user’s browser and the website’s server.
  • Increases your Google Rankings / Increased Search Engine Optimisation
  • Builds / Enhances Customer Trust
  • Improves Conversion Rates

SSL Certificates bind together:

  • A domain name, server name or hostname.
  • An organizational identity (i.e. company name) and location.

An organization needs to install the SSL Certificate onto its web server to initiate a secure session with browsers. Once a secure connection is established, all web traffic between the web server and the web browser will be secure.

When a certificate is successfully installed on your server, the application protocol (also known as HTTP) will change to HTTPS, where the ‘S’ stands for ‘secure’. Depending on the type of certificate you purchase and which browser you are using, the browser will show a padlock or green bar when you visit a website that has an SSL Certificate installed.

What does a website with an SSL Certificate installed look like?

Extended Validation (EV) SSL Certificates:

[Image: EV green bar example]

Standard SSL Certificates (such as GlobalSign DomainSSL and OrganizationSSL) display:

[Image: standard certificate bar example]

SSL Certificates use something called public key cryptography.

This particular kind of cryptography harnesses the power of two keys, which are long strings of randomly generated numbers. One is called a private key and one is called a public key. A public key is known to your server and available in the public domain. It can be used to encrypt any message. If Alice is sending a message to Bob, she will lock it with Bob’s public key, but the only way it can be decrypted is to unlock it with Bob’s private key. Bob is the only one who has his private key, so Bob is the only one who can use it to unlock Alice’s message. If a hacker intercepts the message before Bob unlocks it, all they will get is a cryptographic code that they cannot break, even with the power of a computer.

If we look at this in terms of a website, the communication is happening between a website and a server. Your website and server are Alice and Bob.
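The Alice and Bob exchange above, as an added example that is not part of the original article. It assumes the openssl command-line tool is installed and uses RSA with OAEP padding as the concrete algorithm (the article names none); the file names, the message and the second "interceptor" key pair are constructed for the demonstration.

```shell
#!/bin/sh
# Constructed demo: all keys and the message are generated locally.
# Prints what Bob recovers, then what a holder of a different private key recovers.
demo_alice_bob() (
  set -e
  d=$(mktemp -d); trap 'rm -rf "$d"' EXIT; cd "$d"

  # Bob creates a key pair and publishes only the public half.
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out bob.key 2>/dev/null
  openssl pkey -in bob.key -pubout -out bob.pub

  # The interceptor owns a key pair too, but not Bob's private key.
  openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out other.key 2>/dev/null

  # Alice locks the message with Bob's public key.
  printf 'hello Bob, this is Alice' > msg.txt
  openssl pkeyutl -encrypt -pubin -inkey bob.pub \
    -pkeyopt rsa_padding_mode:oaep -in msg.txt -out msg.enc

  # Bob unlocks it with his private key.
  bob=$(openssl pkeyutl -decrypt -inkey bob.key \
    -pkeyopt rsa_padding_mode:oaep -in msg.enc)

  # Decryption with any other private key is rejected.
  if other=$(openssl pkeyutl -decrypt -inkey other.key \
       -pkeyopt rsa_padding_mode:oaep -in msg.enc 2>/dev/null)
  then :
  else other="<decryption failed>"
  fi

  echo "bob: $bob"
  echo "interceptor: $other"
)
demo_alice_bob
```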

Where Do I Buy An SSL Certificate?

SSL Certificates need to be issued by a trusted Certificate Authority. Browsers, operating systems, and mobile devices maintain a list of trusted CA root certificates.

The Root Certificate must be present on the end user’s machine in order for the Certificate to be trusted. If it is not trusted the browser will present untrusted error messages to the end user. In the case of e-commerce, such error messages result in immediate lack of confidence in the website and organizations risk losing confidence and business from the majority of consumers.

Companies like GlobalSign are known as trusted Certificate Authorities. This is because browser and operating system vendors such as Microsoft, Mozilla, Opera, Blackberry, Java, etc., trust that GlobalSign is a legitimate Certificate Authority and that it can be relied on to issue trustworthy SSL Certificates. The more applications, devices and browsers the Certificate Authority embeds its Root into, the better “recognition” the SSL Certificate can provide.
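The sketch below shows what a certificate binds together (subject and issuing CA) and why the issuing root must be in the client's trust store. It is an added example, not part of the original article, and assumes the openssl command-line tool with its default configuration. Both CAs, the organisation name and the host name shop.example.test are constructed.

```shell
#!/bin/sh
# Constructed demo: every key, name and certificate is generated locally.
demo_trust() (
  set -e
  d=$(mktemp -d); trap 'rm -rf "$d"' EXIT; cd "$d"

  # Two self-signed roots: the issuing CA and an unrelated CA.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/O=Example Root CA/CN=Example Root" \
    -keyout root.key -out root.pem 2>/dev/null
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/O=Unrelated Root CA/CN=Unrelated Root" \
    -keyout other.key -out other.pem 2>/dev/null

  # The site owner creates a private key and a certificate signing request.
  openssl req -newkey rsa:2048 -nodes \
    -subj "/O=Example Shop Ltd/L=London/CN=shop.example.test" \
    -keyout site.key -out site.csr 2>/dev/null

  # The issuing CA signs the request, producing the site's certificate.
  openssl x509 -req -in site.csr -CA root.pem -CAkey root.key \
    -CAcreateserial -days 1 -out site.pem 2>/dev/null

  # What the certificate binds: the site's identity and the CA that vouches for it.
  openssl x509 -in site.pem -noout -subject -issuer

  # One client has the issuing root in its trust store, the other does not.
  for store in root.pem other.pem; do
    if openssl verify -CAfile "$store" site.pem >/dev/null 2>&1
    then echo "trust store $store: trusted"
    else echo "trust store $store: untrusted"
    fi
  done
)
demo_trust
```

The second result is the condition under which a browser shows the untrusted-certificate error described above.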

More recently, however, many large IT corporations have been encouraging the use of SSL Certificates on all websites to protect the privacy of their users. To help this initiative, these corporations have come together and founded Let’s Encrypt, a certificate authority that issues free SSL certificates for everyone.