What is an SSL Certificate?
An SSL Certificate is a public and private key system, these keys work together to establish a secure connection between the browsing user and a server to send and retrieve encrypted information. Anyone can create an SSL Certificate, which cannot always be trusted. There is why there are Audited SSL Certificate companies to order from. To learn more: View how an SSL Certificate Works
When do you need an SSL Certificate?
When sensitive information is stored or transferred through the client to the server, you should always use an SSL Certificate. This will establish a trusted connection, and then allow sensitive information to be sent and retrieved. If your website is a portfolio, blog, or just a general information website, then you really do not require an SSL. There are different levels of SSL Certificates for the different types of websites that are needed, and different levels. To learn more: View which SSL Certificate you need.
Breakdown of SSL Certificate in Action:
This all happens in order, and is instantaneous. At the beginning, there is no secure connection; once completed, your connection will be secure and trusted.
Browser Initial Establish
The browser will establish a connection to the server via website (https). The browser will then ask for identification from the server.
Server Initial Response
The server will respond with by sending the SSL Certificate, along with the public key.
Browser Key Check
Now the browser will receive the SSL Certificate and public key, it will then validate that the SSL Certificate and key are not expired, revoked, and that the key belongs to the domain that it has been validated for. If the browser gathers the information, and validates it, it will then send back a newly created and encrypted session key using the servers public key.
The server will then decrypt the session key that was newly created by the browser. Once the key has been decrypted and accepted, the server will then begin the encrypted session.
The browser and server are not secure, and relay all information back and forth within this secure connection, based on the session key. If the user closes the browser, the key and connection will be terminated. The process will restart every time the user needs a new session on the website.
Types of SSL Certificates
FatCow offers 3 types of SSL’s, between 3 trusted organizations. These types include the Standard SSL (low-end but secure), EV SSL (extensive verification), and WildCard SSL (for unlimited subdomains).
This type of SSL Certificate is the least validated of SSL Certificates, but is still trusted. The validation level will be less extensive, requiring less waiting time and verification time by the issuer, saving a little bit of money.
An EV SSL Certificate is better than the Standard SSL for the simple fact that it does more extensive validation. The validation level will be more extensive, requiring more waiting time and verification time by the issuer, but will trusted by more consumers. The browser even gets a special green activation in the browser bar, making the secure connection more noticeable by consumers.
This type of SSL Certificate is the most versatile. The SSL Certificate will be allowed to be on as many sub-domains of the original domain. This is great for a business that has multiple areas of the website that needs a secure connection. However, do note that a Wildcard SSL Certificate is not as trusted as an EV SSL Certificate, due to the amount of verification that is conducted with an EV SSL Certificate.