Wednesday, July 27, 2011

What is an SSL Certificate

At its most basic, an SSL Certificate is a piece of software that encrypts all information moving to and from the Certificate holder’s website. This means no exchange between the website and its visitors can be intentionally or accidentally “overheard” by a third party, regardless of whether the visitor is placing an order or just signing up for a newsletter.

Once a website visitor enters a secure area of an SSL-protected website, the following takes place:
• The visitor’s browser requests a secure session from the server on which the website is stored.
• The server responds by sending the visitor’s browser a digital copy of its server certificate.
• The visitor’s browser verifies that the server’s certificate is valid, is being used by the website for which it was issued, and has been issued by a Certificate Authority that the browser trusts.
• If the certificate is validated, the browser generates a one-time “session” key and encrypts it with the server’s public key.
• The visitor’s browser sends the encrypted session key to the server so that both server and browser have a copy.
• The server decrypts the session key using its private key.
• The SSL “handshake” process is complete, and a secure connection has been established.
• A padlock icon and “https://” prefix appear in the visitor’s browser bar, indicating that a secure session is under way (unsecured websites showing an http:// prefix typically lose customers at this point). If protected with a Premium SSL Certificate, a green address bar will also appear including the Certificate holder’s name.

Called the SSL “handshake,” this entire process takes place behind the scenes, providing an uninterrupted experience for the site visitor. If a visitor attempts to submit personal information to a website that is not protected by a valid SSL Certificate, the visiting browser’s built-in security mechanism will send a warning to the user. A dialog box will appear telling him/her that the site is not secure and that sensitive data might be intercepted in transit by third parties. When faced with such a warning, most Internet users sever the connection.

SSL Certificates not only confirm the identity of the Certificate holder’s website to the visitor’s browser but also encrypt information sent and received by the holder’s website. Information contained in the digital Certificate includes:
• The Certificate holder’s name (individual or company)
• The Certificate’s serial number and expiration date
• A copy of the Certificate holder’s “public” cryptographic key
• The digital signature of the Certificate-issuing authority
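The three checks the browser makes in the handshake steps above (validity period, issued-for website, trusted issuer) can be modelled over the certificate fields just listed. This is an added example, not code from the original post; the sample certificate, the trust store and the function names are constructed for illustration, and issuer trust is reduced to a name lookup where a real browser verifies the Certificate Authority's digital signature.

```python
import ssl

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("organizationName", "Example Shop Ltd"),), (("commonName", "shop.example.com"),)),
    "issuer": ((("organizationName", "Example Trusted CA"),),),
    "serialNumber": "0A1B2C",
    "notBefore": "Jan  1 00:00:00 2011 GMT",
    "notAfter": "Jan  1 00:00:00 2012 GMT",
    "subjectAltName": (("DNS", "shop.example.com"), ("DNS", "*.cdn.example.com")),
}
TRUSTED_ISSUERS = {"Example Trusted CA"}  # hypothetical trust store (assumption)
NOW = ssl.cert_time_to_seconds("Jul 27 00:00:00 2011 GMT")  # constructed "current" time


def _field(name_tuple, key):
    """Return the first value for key in a getpeercert()-style name."""
    for rdn in name_tuple:
        for k, v in rdn:
            if k == key:
                return v
    return None


def _host_matches(pattern, host):
    """Exact match, or a wildcard covering exactly one left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        label, _, rest = host.partition(".")
        return bool(label) and rest == pattern[2:]
    return pattern == host


def validate(cert, host, now, trusted=TRUSTED_ISSUERS):
    """Return the list of failed checks; an empty list means accept."""
    failures = []
    start, end = (ssl.cert_time_to_seconds(cert[k]) for k in ("notBefore", "notAfter"))
    if not start <= now <= end:
        failures.append("outside validity period")
    names = [v for t, v in cert.get("subjectAltName", ()) if t == "DNS"]
    if not any(_host_matches(p, host) for p in names):
        failures.append("hostname mismatch")
    # Simplification: a name lookup stands in for signature-chain verification.
    if _field(cert["issuer"], "organizationName") not in trusted:
        failures.append("untrusted issuer")
    return failures
```

Any non-empty result corresponds to the browser warning described above; in production code these checks are performed by the TLS library, for example through `ssl.create_default_context()`.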

An SSL Certificate allows you to build an impenetrable fortress around your customers’ most sensitive data.
