Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a web server and a
browser. This link ensures that all data passed between the web server and browser remain private and integral.
SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their
customers. In order to be able to generate an SSL link, a web server requires an SSL Certificate.
When you choose to activate SSL on your webserver you will
be prompted to complete a number of questions about the identity
of your website (e.g. your website's URL) and your company
(e.g. your company's name and location). Your webserver then
creates two cryptographic
keys - aPrivate
Key. Your Private Key is so called for a reason - it must
remain private and secure. The Public Key does not need to
be secret and is placed into a Certificate
Signing Request (CSR) - a data file also containing your
details. You should then submit the CSR. During the SSL Certificate
application process, the Certification Authority will validate
your details and issue an SSL Certificate containing your
details and allowing you to use SSL.
Your webserver will match your issued SSL Certificate to
your Private Key. Your webserver will then be able to establish
an encrypted link between the website and your customer's
Displaying the SSL Secure Padlock
The complexities of the SSL protocol remain invisible to your customers. Instead their browsers provide them with a key
indicator to let them know they are currently protected by an SSL encrypted session - the Padlock:
As seen by users of Internet Explorer
Clicking on the Padlock displays your SSL Certificate and your details:
All SSL Certificates are issued to either companies or legally accountable individuals.
Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and
your country. It will also contain the expiry date of the Certificate and details of the Certification
Authority responsible for the issuance of the Certificate.
When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired,
it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which
it has been issued. If it fails on any one of these checks the browser will display a warning to the end user.