Secure Sockets Layer (SSL), a protocol for encrypting information over the Internet. and it’s used to secure websites so that third parties cannot intercept information transferred between your computer and their website.
SSL Certificates are small data files that digitally bind a cryptographic key to an organization details. it is encrypted data that your web server will be able to understand when installed as a digital certificate.
Commonly used for Banks, email servers and online shops.
Upon seeking to establish secure communications with your Web-based business (for example, when a consumer initiates an online purchase) the consumer’s browser seeks to validate your Web site’s authenticity by requesting an SSL certificate that verifies the identity of the website owner. Once that SSL certificate is recognized, a Secure Sockets Layer (SSL) connection is established for website security, encrypting data transmitted between you and the consumer including such information as credit-card and bank-account numbers.
When installed on a web server, it activates the padlock and the https protocol (over port 443) and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer and logins, and more recently is becoming the norm when securing browsing of social media sites.
SSL Certificates bind A domain name, server name/host name and An organizational identity (i.e. company name) and location together.
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers.
Once installed, it is possible to connect to the website over https://www.badrinathkadam.wordpress.com, as this tells the server to establish a secure connection with the browser. Once a secure connection is established, all web traffic between the web server and the web browser will be secure. Browsers tell visitors a website is SSL secure via several visible trust indicators:
## Types of SSL Certificates :
Online businesses may currently ensure website security by choosing between three types of SSL Certificates: Organizationally Validated (OV) SSL Certificates, Domain Validated (DV) SSL Certificates, and Extended Validation SSL Certificates.
All SSL Certificates include data encryption and trigger the browser to display a closed padlock and the “https” prefix in the browser address window. However, not all provide the same level of validation that the bearer of the SSL Certificate is truly a legitimate business with a secure website.
1. ORGANIZATIONALLY VALIDATED (OV) SSL CERTIFICATES :
This level of SSL website security validation, currently offered by Network Solutions and other certificate authorities (CAs), assures the validity of a Web site by verifying that the applicant is a legitimate business. Before issuing the SSL certificate, the CA performs a rigorous validation procedure, including checking the applicant’s business credentials (such as the Articles of Incorporation) and verifying the accuracy of its physical and Web addresses. An Organizationally Validated SSL Certificate is an excellent website security option for any business conducting online transactions and accepting sensitive data, such as credit-card numbers, from customers.
2. DOMAIN VALIDATED (DV) SSL CERTIFICATES :
The validation procedure is less rigorous for a Domain Validated SSL Certificate. When issuing a Domain Validated SSL Certificate, the CA checks only that the applicant’s name and contact information matches the registration information in the WHOIS database for the domain name associated with the applied for SSL Certificate. Because CAs aren’t required to validate the legitimacy of the applicant’s business, Domain Validated SSL Certificates are a good choice for businesses where customers will not be transmitting sensitive data or are less concerned about website security issues like identity assurance.
3. EXTENDED VALIDATION (EV) SSL CERTIFICATES :
This newest level of Certificate validation is also available from Network Solutions. Introduced in early 2007, Extended Validation SSL Certificates are the first SSL Certificates to adhere to industry-wide certification guidelines established by leading Web browser vendors and Certificate Authorities, including Network Solutions. The Certificate application process itself is more thorough and the validation criteria more rigorous for EV certification, whose applicants, at least initially, are limited to certain types of business entities and government agencies. Among the new features of EV SSL Certificates is the color-coding of the Web browser’s address bar to signal secure connections. The browser navigation window turns green to indicate an authentically validated site with an Extended Validation SSL Certificate, full website security, and encryption in place, and turns red when it encounters a known phishing or otherwise untrustworthy site.
Badrinath's Personal Blog 