What Is A SSL?

100% Uptime SLA, 24/7/365 Live Support & Fast Cloud Servers

The protocols for establishing authenticated and encrypted links between networked computers are SSL (Secure Sockets Layer) and its successor, Transport Layer Security (TLS). While the SSL protocol was discontinued with the introduction of TLS 1.0 in 1999, it is still popular for these similar technologies to be referred to as "SSL" or "SSL / TLS." TLS 1.3, specified in RFC 8446 (August 2018), is the most recent edition.

Keys, Certificates, and Handshakes

SSL / TLS works by linking the identities of entities such as websites and businesses via digital documents known as X.509 certificates to cryptographic key pairs. A private key and a public key make up each key pair. The private key is kept secure and, via a certificate, the public key can be widely distributed.

The specific mathematical link between a pair of private and public keys means that the public key can be used to encrypt a message that can only be decrypted with a private key. In addition, the private key holder can use it to sign other digital documents (such as web pages) and this signature can be checked by anyone with the public key.

If the SSL / TLS certificate itself is signed by a Publicly Trusted Certificate Authority (CA) such as SSL.com, client applications such as web browsers and operating systems can implicitly trust the certificate. Publicly trusted CAs have been accepted to verify identities that will be trusted on their websites by major software providers. The validation and certificate issuance procedures of a public CA are subject to routine, comprehensive audits to retain this trustworthy status.

With a publicly trusted certificate, the private and public keys may be used using the SSL / TLS handshake to negotiate an encrypted and authenticated communication session over the internet, also between two parties who have never met. This basic reality is the basis of, as it is known today, safe web browsing and electronic commerce.

Not all of the SSL / TLS applications need public confidence. For instance, for internal use, a business may issue its own privately trusted certificates.

SSL/TLS and Secure Web Browsing

Safe Web browsing through the HTTPS protocol is the most popular and well-known use of SSL / TLS. An SSL / TLS certificate that is signed by a publicly trusted CA requires a properly configured public HTTPS website. You can be confident of users accessing an HTTPS website:

  • Authenticity - The server presenting the certificate is in possession of the private key that matches the public key in the certificate.
  • Integrity - Documents signed by the certificate (e.g. web pages) have not been altered in transit by a man in the middle.
  • Encryption - Communications between the client and server are encrypted.

Because of these features, SSL / TLS and HTTPS allow users to transfer sensitive information securely over the internet, such as credit card numbers , social security numbers, and login credentials, and make sure that the website to which they send them is authentic. These data are transmitted as plain text with an unreliable HTTP website, readily accessible to any eavesdropper with access to the data stream. In addition, users of these unprotected websites have no trusted third-party guarantee that what it appears to be is the website they are visiting.

To be sure that the website you are visiting is secured by a trustworthy SSL / TLS certificate, look for the following indicators in the address bar of your browser:

A closed icon for the padlock to the left of the URL. The padlock could be green and/or accompanied by identifying details about the company running it, depending on your browser and the type of certificate the website has mounted.

    If shown, the protocol at the beginning of the URL should be https://

    , not http://

    . Note that not all browsers display the protocol.

Modern desktop browsers also warn visitors who do not have an SSL / TLS certificate to vulnerable websites.

Registered in England and Wales with company number 12201331.

Registered Office: 252 High Street, Aldershot, 
United Kingdom, GU12 4LP