SSL (Secure Sockets Layer)
SSL (Secure Sockets Layer) is a standard security protocol for establishing encrypted links between a web server and a browser in online communication. The usage of Secure Sockets Layer technology ensures that all data transmitted between the web server and browser remains encrypted. An SSL certificate is necessary to create a Secure Sockets Layer connection. You would need to give all details about the identity of your website and your company as and when you choose to activate SSL on your web server. Following this, two cryptographic keys are created – a Private Key and a Public Key.
Certificate Signing Request
Secure Sockets Layer CertificateA Secure Sockets Layer Certificate comprises of your domain name, the name of your company and other things like your address, your city, your state, and your country. It would also show the expiration date of the SSL plus details of the issuing CA. Whenever a browser initiates a connection with an SSL secured website, it will first retrieve the site’s SSL Certificate to check if it’s still valid. It’s also verified that the CA is one that the browser trusts, and also that the certificate is being used by the website for which it has been issued. If any of these checks fail, a warning will be displayed to the user, indicating that the website is not secured by a valid SSL certificate.
What are the SSL and TLS Certificates?
SSL or TLS (Transport Layer Security) certificates are data files that bind a cryptographic key to the details of an organization. When the SSL/TLS certificate is installed on a web server, it enables a secure connection between the web server and the browser that connects to it.
The website’s URL is prefixed with “https” instead of “http” and a padlock is shown on the address bar. If the website uses an extended validation (EV) certificate, then the browser may also show a green address bar.[caption id="attachment_15465" align="aligncenter" width="1050"]
What are Secure Sockets Layer used for?
The SSL protocol is used by millions of online business to protect their customers, ensuring their online transactions remain confidential. A web page should use encryption when it expects users to submit confidential data, including personal information, passwords, or credit card details. All web browsers have the ability to interact with secured sites so long as the site’s certificate is issued by a trusted CA.
Why do I need a Secure Sockets Layer certificate?
The internet has spawned new global business opportunities for enterprises conducting online commerce. However, that growth has also attracted fraudsters and cybercriminals who are ready to exploit any opportunity to steal consumer bank account numbers and card details. Any moderately skilled hacker can easily intercept and read the traffic unless the connection between a client (e.g. internet browser) and a web server is encrypted.
Secure Online Transactions and Communication
All communications sent over regular HTTP connections are in ‘plain text’ and can be read by any hacker that manages to break into the connection between your browser and the website. This presents a clear danger if the ‘communication’ is on an order form and includes your credit card details or social security number. With an HTTPS connection, all communications are securely encrypted. This means that even if somebody managed to break into the connection, they would not be able to decrypt any of the data which passes between you and the website.
How Does the Secure Sockets Layer Work?[caption id="attachment_15463" align="alignright" width="903"] Comodo is a leading certificate authority, issuing SSL certificates that secure hundreds of thousands of e-Commerce and other websites globally.[/caption]
The following graphic explains how SSL Certificate works on a website. The process of how an ‘SSL handshake‘ takes place is explained below in regards to the Instant SSL by Comodo Certificate Authority:
Instant SSL Certificate by the Comodo
Featuring the strongest possible levels of encryption, dedicated customer support, unlimited server licenses, dynamic site seal and free PCI scanning. Instant SSL by the Comodo team is not just great value for money, it is the complete trust solution for your website.
Generally speaking, Comodo is a leading certificate authority, issuing Secure Sockets Layer Certificate. Especially those that secure hundreds of thousands of e-Commerce and other websites globally including jmexclusives. Since 1998, Comodo has been keeping websites and web users securely connected through their SSL certificate and desktop security products. At Comodo, they believe that every person should be able to securely use the Internet. Which is part of the jmexclusives team futuristic resolutions too. Learn more about the Comodo Instant SSL Certificates.
How do you implement SSL on your website?
Implementing SSL for a website is quite easy! A typical installation of SSL certificate involves the following steps:
Step 1. Acquire SSL certificate
To implement SSL/TLS security on your website, you need to get and install a certificate from a trusted CA. A trusted CA will have its root certificates embedded in all major root store programs. Meaning the certificate you purchase will be trusted by the internet browsers and mobile devices used by your website visitors.
You should also decide which type of certificate suits you best. Below are some of the main SSL Certificates especially offered by the Comodo Instant SSL Certificate.
Step 2. Activate and install your SSL certificate
When SSL certificate is purchased from a web host, its activation is taken care of by the web host. The administrator of the website can also activate the SSL through Web Host Manager (WHM) or cPanel. In the WHM dashboard select the SSL/TLS option and choose “Generate SSL Certificate and Signing Request“.
Next, generate your Private Key and fill out the form for Certificate Signing Request (CSR). Ensure that you enter your domain name in the box asking for “Host to make cert for“. You will need to send this CSR to your CA in order to purchase a certificate. See https://support.comodo.com/index.php?/Knowledgebase/List/Index/19/csr-generation/ for help to generate a CSR using various web server types.
Comodo SSL Certificate Installations Guide
Comodo offers detailed guides for installing certificates on various web servers too. See SSL Certificate Installation on Different Web Servers for a full list. The guides provide installation instructions for different software types such as Apache, Apache on Cobalt, BEA, C2Net Stronghold, Ensim, F5, Hsphere, IBM, Microsoft, Netscape / Sun, Novell, Plesk, SSL Accelerator, Website Pro, and Zeus.
Step 3. Update Website from HTTP to HTTPS
Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The ‘S’ at the end of HTTPS stands for ‘Secure’. It means all communications between your browser and the website are encrypted. HTTPS is often used to protect highly confidential online transactions like online banking and online shopping order forms.[caption id="attachment_15464" align="aligncenter" width="2800"] HTTPS pages typically use one of two secure protocols to encrypt communications – SSL (Secure Sockets Layer) or TLS (Transport Layer Security).[/caption]
The Secure Sockets Layer connections Signature
Web browsers such as Internet Explorer, Firefox and Chrome also display a padlock icon in the address bar to visually indicate that an HTTPS connection is in effect. You must now configure your website so that visitors who access this site get automatically directed to the “HTTPS” version. In addition, search engine providers like Google are now offering SEO benefits to SSL pages. So the effort to serve all pages on your site over HTTPS is well worth it.
Who issues the Secure Sockets Layer Certificates?
A certificate authority or certification authority (CA) issues SSL certificates. On receiving an application, the CA verifies two factors: It confirms the legal identity of the enterprise/company seeking the certificate and whether the applicant controls the domain mentioned in the certificate. The issued SSL certificates are chained to a ‘trusted root‘ certificate owned by the CA.
Internet browsers such as Firefox, Chrome, Internet Explorer, Microsoft Edge, etc. have these root certificates embedded in their ‘certificate store‘. Only if a website certificate chains to root in its certificate store will the browser allow a trusted and secure https connection. If a website certificate does not chain to root then the browser will display a warning that the connection is not trusted.
Details included in the Secure Sockets Layer certificate
Secure Sockets Layer Certificates contains the following details. Including;
- the domain name or common name
- serial number
- details of the issuer
- period of validity
- issue date and expiry date
- SHA Fingerprints
- a subject public key algorithm
- the subject’s public key
- certificate signature algorithm
- certificate signature value
On the other hand, important details such as the type of certificate, SSL/TLS version, Perfect Forward Secrecy status, and cipher suite details are also included. Additionally, the organization validated and extended validation certificates also contain verified identity information about the owner of the website. Including, organization name, address, city, state, and country.
How can you tell when a site uses a Secure Sockets Layer?
A web page using SSL will display
- “https://” instead of “http://” before the website’s address in the browser’s address bar
- A padlock icon in the address bar of the browser before the address.
- With an Extended Validation Certificate, the address bar also shows the registered name of the company. Particularly that which owns the website, the name of the issuing CA and, an additional green security indicator.
In conclusion, it is clear to note that your website presence is very important. However, without acquiring trust from your online visitors and blog traffic, all your efforts would be futile. Especially, if your website does not provide your web customers with a verification padlock. Not to mention that most customers earn your full trust through safeguarding and protecting their online presence at all cost.
In like manner, with secure sites, the customer information, especially the credit card numbers are encrypted. Preventing any suspicious and unauthorized access from the online hijackers. By the same token, your website visitors can verify you are a registered business and that you own the domain. As can be seen, customers are more likely to trust and complete purchases from a website that use HTTPS.