SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
How Does an SSL Certificate Work?
SSL Certificates use something called public key cryptography
This particular kind of cryptography harnesses the power of two keys which are long strings of randomly generated numbers. One is called a private key and one is called a public key. A public key is known to your server and available in the public domain. It can be used to encrypt any message. If Alice is sending a message to Bob she will lock it with Bob’s public key but the only way it can be decrypted is to unlock it with Bob’s private key. Bob is the only one who has his private key so Bob is the only one who can use this to unlock Alice’s message. If a hacker intercepts the message before Bob unlocks it, all they will get is a cryptographic code that they cannot break, even with the power of a computer.
If we look at this in terms of a website, the communication is happening between a website and a server. Your website and server are Alice and Bob.
Why Do I Need an SSL Certificate?
SSL Certificates protect your sensitive information such as credit card information, usernames, passwords etc. They also:
- Keep data secure between servers
- Increase your Google Rankings
- Build/Enhance customer trust
- Improve conversion rates
What information does an SSL certificate contain?
SSL certificates include:
- The domain name that the certificate was issued for
- Which person, organization, or device it was issued to
- Which certificate authority issued it
- The certificate authority’s digital signature
- Associated subdomains
- Issue date of the certificate
- Expiration date of the certificate
- The public key (the private key is kept secret)
The public and private keys used for SSL are essentially long strings of characters used for encrypting and decrypting data. Data encrypted with the public key can only be decrypted with the private key, and vice versa.