Newbiesite Blog Newbiesite Blog

March 19, 2013

Secure Your Website with SSL Certificate

Filed under: General — Newbiesite Admin @ 1:14 am


Internet is crawling with hackers who are looking for valuable information to steal. For this reason consumers are not willing to submit any personal details to a website. No doubt that sending credit card details and other sensitive details over an unencrypted internet connection is just like asking for trouble.

There is one simple solution for this; which is SSL Certificates which provides an effective way to secure your site against unauthorized interceptions. This makes all exchanges between the site and its visitors 100% secure and private.

What is SSL?

Secure Socket Layer is the most widely deployed security protocol now a days. It is a protocol that provides a secure channel for two machines operating systems over the internet. SSL creates an encrypted connection between your web server and your visitors’ web browser allowing for private information to be transmitted without the problems of  data tampering, or message forgery.

How does SSL certificate works?

All browsers have the capability to interact with secured web servers using the SSL protocol. However, the browser and the server needs an SSL Certificate to be able to establish a secure connection. These SSL certificate has key pair : a public IP and private key and session keys. These keys work together to establish an encrypted connection.
Anything encrypted with the public key can only be decrypted by the private key and vice versa. These are only used during the SSL Handshake to create a symmetric session key. After the secure connection is made, the session key is used to encrypt all transmitted data.
To get a certificate, you must create a certificate signing request(CSR) on your server. This CSR creates the private key and a CSR data file that you send to the SSL Certificate issuer . The CA(certificate authority) uses the CSR data file to create a public key to match your private key without compromising the key itself. The CA never sees the private key.
Once you receive the SSL Certificate, you install it on your server. You also install a pair of intermediate certificates that establish the credibility of your SSL Certificate by tying it to your CA’s root certificate.

How does SSL creates a secure connection?

When a visitor’s browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an  SSL Handshake. This process is invisible to the user and it happens instantaneously. The browser requests for the server identity. The server sends a copy of its SSL certificate along with its private key to the browser.
Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired and is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
Now, server decrypts the symmetric session key using its private key and ends back an acknowledgment encrypted with the session key to start the encrypted session. Server and Browser now encrypt all transmitted data with the session key.

Why do you need SSL for your website?

Most of the internet users want to know that their information is safe. They always want to know that you value their privacy and security. They shares the most private and sensitive data like credit card details and even allows access to their money. If it falls into wrong hands this can be highly destructive.
One way you could make your customer comfortable and secure and make them feel that you are serious in protecting their information is to have a SSL certificate. It is an important step to take in your online business. Without it, you are likely to lose customers and find your sales and revenues falling.

No Comments »

No comments yet.

RSS feed for comments on this post. TrackBack URL

Leave a comment

You must be logged in to post a comment.

Powered by WordPress