What are SSL and Digital Certificates?

Secure Socket Layer (SSL) is a protocol developed by Netscape in 1996 which quickly became the method of choice for securing data transmissions across the Internet. SSL is an integral part of most Web browsers and Web servers and makes use of the public-and-private key encryption system developed by Rivest, Shamir, and Adleman.

In order to make an SSL connection, the SSL protocol requires that a server should have a digital certificate installed. A digital certificate is an electronic file that uniquely identifies individuals and servers. Digital certificates serve as a kind of digital passport or credential which authenticate the server prior to the SSL session being established.

Typically, digital certificates are signed by an independent and trusted third party to ensure their validity. The "signer" of a certificate is known as a Certification Authority (CA), such as VeriSign, thawte and GeoTrust.

The diagram below illustrates the process that guarantees protected communications between a Web server and a client. All exchanges of SSL Certificates occur within seconds, and require no action by the consumer.

Secure Sockets Layer (SSL): How It Works

Secure Sockets Layer (SSL) technology protects your Web site and makes it easy for customers to trust you. An SSL Certificate enables encryption of sensitive information during online transactions. Each SSL Certificate contains unique, authenticated information about the certificate owner. Every SSL Certificate is issued by a Certificate Authority that verifies the identity of the certificate owner.