How do SSL Certificates Work?

Introduction

With more and more transactions being conducted online, whether online purchases (e-commerce) or the communication of sensitive information, SSL (Secure Sockets Layer) is the protocol that ensures that information sent between a client's web browser and the website they are interacting with is kept secure. SSL Certificates are a critical component of the SSL protocol, which supports secure browser-based communications through HTTPS.


SSL Certificates

An SSL Certificate is a digital file that contains the Public Key (used by the client to decrypt communications) and Authentication information about the domain name for which the SSL Certificate is used. While it is possible to have an SSL Certificate generated without a CA (Certificate Authority) and still have encrypted communications, the critical signing process of the CA ensures that clients connecting to the secure site are able to verify the authenticity of the certificate and be assured that an imposter is not intercepting the connection and providing a fake certificate. With a properly installed SSL Certificate, visitors to your website will see a Lock Icon appear in the bottom right-hand corner of their web browser, assuring them that their communications are encrypted and that they are dealing with the real website they are accessing.


SSL Encryption

Let's review the high-level steps of how SSL Encryption works in the context of SSL Certificates: 
 

  • A web site visitor (client) connects to a secure website (HTTPS://)
  • An SSL handshake occurs whereby the strongest mutually supported encryption method is agreed upon based on what the web-server security supports

  • The web-server sends back the SSL Certificate file to the client as a form of identification. The certificate contains the server's Public Key (used for encryption) and Certificate Authority (CA) information.

  • The client verifies the authenticity of the server's certificate with the Certificate Authority

  • The client generates a Random Number and encrypts this information using the server's Public Key and sends this information to the server.

  • The client and the server each use the Random Number as a seed to generate the master session keys, which are then used to exchange the final steps of the handshake protocol

  • After the handshake has been successfully established, a secure and authenticated channel is created with the web server encrypting information with the session key.

 

 

References: Wikipedia - Transport Layer Security - TLS Handshake