About SSL (Secure Sockets Layer)
By Jithin on September 8th, 2016
What is SSL (Secure Sockets Layer)?
SSL stands for Secure Sockets Layer. It is a protocol to establish an encrypted link between a server and a client. When SSL is used, the URL will be starting with https as “https:www.domain.com” and there will be a green padlock which tells us that SSL is installed.
When SSL is used, we get privacy, integrity, and authentication. As SSL enables secure communication, millions of websites are using SSL to transmit sensitive information such as credit card numbers and login credentials. SSL is a paid service.
How SSL Works?
To establish a connection secured by SSL, one of the certificates needs to be installed on the website. When a web browser is accessing such a web site, the browser and the web server establish an SSL connection using “SSL Handshake”. The process is invisible to other users.
1) Browser tries to access a web site secured with SSL (https) i.e, connects to the web server. Here, the browser requests that the server identity itself.
2) The server sends back a copy of its SSL Certificate including the server’s public key.
3) Browser checks the received certificate root against a list of CAs. This checking is done to ensure that the certificate is unexpired, unrevoked and its common name is valid for the website which it is connecting to. If the browser trusts the certificate, it creates, encrypts and sends back a symmetric session key using the server’s public key.
4) The server decrypts the session key using the private key and sends back an acknowledgment encrypted with the session key to start the encrypted session.
5) Server and browser now encrypt all transmitted data with the session key.
If you are an owner of a website, then you need an SSL certificate to make your customers confident about their online purchases.
The types of SSL certificates
Various users engage on the Internet for a vast array of applications. As the scope of applications for SSL became numerous different types of SSL Certificate have emerged. Certificates can be grouped based on various behaviors. The SSL classification is listed below.
1) SSL Certificates classified by Validation Level
2) SSL Certificates classified by Secured Domains
SSL Certificates classified by Validation Level
We can group the SSL by Validation Level. The members of this group are listed below.
1) Domain Validated SSL Certificates
2) Organization Validated SSL Certificates
3) Extended Validation SSL Certificates
Domain Validated SSL Certificates
This type of SSL Certificate validates the domain is registered and someone with administration rights is aware of and approves the certificate request. Here, the Certificate Authority (CA) checks the right of the applicant to use a specific domain name. CA is the certification authority who issues the certificate. With these certificates, no additional details like company identity and other details will be displayed in the Secure Site Seal, but the encryption information. The Domain Validated SSL is ideal for businesses that require a low-cost SSL because it is delivered quickly. The instantaneous delivery is the advantage of the Domain Validated SSL.
In the Domain Validated SSL, the verification process is normally done by email or DNS. The domain owner will be requested to prove the admin rights by receiving and confirming an email sent to the “firstname.lastname@example.org” email address or configuring some specific DNS records for the domain. The whole process normally takes from a few minutes to a few hours. That’s why it’s quick and easy to get a certificate. The browser will indicate that the certificate is valid and is signed by a trusted authority.
Organization Validated SSL Certificates
In Organization Validated SSL Certificates, the validation of the additional organization information such as name, city, state, and country are also done along with the validation of domain ownership. Here, the CA checks the right of the applicant to use a specific domain name plus it conducts some vetting of the organization. This additional information can be viewed by the customers by clicking on the Secure Site Seal. The verification process is similar to the Domain Validated Certificates but requires some documentation to certify the company identity. The validation process may take up to a few days to finish.
Extended Validation SSL Certificates
The next certificate type is Extended Validation Certificate. In this category, the validation on domain ownership, organizational information, and the legal existence of the organization are performed. It validates that the organization is aware of the SSL Certificate Request and approves it. The validation process requires documentation to certify the company identity along with some additional steps. The order can take up to a few weeks to complete. Generally, the Extended Validation SSL Certificates can be identified with a green address bar containing the company name in the browser’s URL field. The new high-security web browsers such as Microsoft Internet Explorer 7+, Opera 9.5+, Firefox 3+, Google Chrome, Apple Safari 3.2+, and iPhone Safari 3.0+ identify EV Certificates and activate the browser interface security enhancements.
SSL Certificates classified by Secured Domains
SSL Certificates classified by Secured Domains are further classified into three sub groups as listed below.
1) Single-name SSL Certificates
2) Wildcard SSL Certificates
3) Multi-Domain SSL Certificates
Single-name SSL Certificates
The Single-name SSL Certificate protects a single sub-domain. If you purchase a certificate for www.domain.com, it will cover the root domain, domain.com, but not its sub-domains such as mail.domain.com.
Wildcard SSL Certificates
The wildcard SSL Certificates protect unlimited sub-domains of a root domain. In our above example, it will cover the mail.domain.com and *.domain.com.
Multi-Domain SSL Certificates
The Multi-Domain SSL Certificates protect different domains with single certificate. Normally, you can secure a combination of different sub-domains from different domains. These are the grouping of SSL Certificates. The validation level and number of secured domains do not affect the security level offered by an SSL certificate.
If you need any further assistance please contact our support department.