SSL Certificate

It is a Digital certificates serve as the backbone of internet security.

Secure Sockets Layer (SSL) certificates, sometimes called digital certificates, are used to establish an encrypted connection between a browser or user’s computer and a server or website. The SSL connection protects sensitive data, such as credit card information, exchanged during each visit, which is called a session, from being intercepted from non-authorized parties.

Creating a Secure Connection

SSL is the standard security technology for establishing an encrypted link

Invisible to the end-user, a process called the “SSL handshake” creates a secure connection between a web server and a browser. Three keys are used to create a symmetric session key, which is then used to encrypt all in-transit data.

  1. Server sends a copy of its asymmetric public key to browser.
  2. Browser creates a symmetric session key and encrypts it with the server’s assymmetric public key then sends it to the server.
  3. Server decrypts the encrypted session key using its asymmetric private key to get the symmetric session key.
  4. Server and browser now encrypt and decrypt all transmitted data with the symmetric session key. This allows for a secure channel because only the browser and the server know the symmetric session key, and the session key is only used for that specific session. If the browser was to connect to the same server the next day, a new session key would be created.