SSL Certificates are small data files that digitally bind a cryptographic key to an organization's details. When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
SSL Certificates bind together:
- A domain name, server name or hostname.
- An organizational identity (i.e. company name) and location.
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. Depending on the type of SSL Certificate applied for, the organization will need to go through differing levels of vetting. Once installed, it is possible to connect to the website over https://www.domain.com, as this tells the server to establish a secure connection with the browser. Once a secure connection is established, all web traffic between the web server and the web browser will be secure.
Whenever a browser connects to a webserver (website) using SSL, the communication will be encrypted and secure. This is usually indicated by the appearance of a key in the lower portion of your web browser. In order to get SSL for your website you first need an SSL Certificate. Your SSL Certificate is installed onto your webserver and allows you to access the security functionality of your webserver, and ultimately lets your customers know that your site is secure. SSL (Secure Sockets Layer) is a security technology that is commonly used to secure server to browser transactions. This generally includes the securing of any information passed by a browser (such as a customer's credit card number or password) to a webserver (such as an online store or online banking application). SSL protects data submitted over the Internet from being intercepted and viewed by unintended recipients.
SSL is used:
- To secure online credit card transactions;
- To secure system logins and any sensitive information exchanged online;
- To secure webmail and applications like Outlook Web Access, Exchange and Office Communications Server;
- To secure workflow and virtualization applications like Citrix Delivery Platforms or cloud-based computing platforms;
- To secure the connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange;
- To secure the transfer of files over https and FTP(s) services, such as website owners updating new pages to their websites or transferring large files;
- To secure hosting control panel logins and activity like Parallels, cPanel, and others;
- To secure intranet based traffic such as internal networks, file sharing, extranets, and database connections;
- To secure network logins and other network traffic with SSL VPNs such as VPN Access Servers or applications like the Citrix Access Gateway.
All these applications have a number of shared themes:
- The data being transmitted over the Internet or network needs confidentiality. In other words, people do not want their credit card number, account login, passwords or personal information to be exposed over the Internet.
- The data needs to remain integral, which means that once credit card details and the amount to be charged to the credit card have been sent, a hacker sitting in the middle cannot change the amount to be charged and where the funds should go.
- Your organization needs identity assurance to authenticate itself to customers / extranet users and ensure them they are dealing with the right organization.
- Your organization needs to comply with regional, national or international regulations on data privacy, security and integrity.