What is SSL?

What is SSL?

• A security mechanism for the Internet based on encryption is known as SSL, or Secure Sockets Layer. 
• To provide privacy, authentication, and data integrity in Internet communications, Netscape created it for the first time in 1995. The present TLS encryption now in use predates SSL.
• The URL of a website that uses SSL/TLS begins with "HTTPS" rather than "HTTP."

SSL/TLS

How does SSL/TLS work?

• SSL encrypts data that is sent across the web in order to offer a high level of privacy. As a result, anyone attempting to intercept this data will only be able to make out a jumbled collection of characters that is incredibly difficult to decrypt.
• In order to make sure that both communicating devices are indeed who they say they are, SSL starts an authentication procedure between them known as a handshake.
• In order to provide data integrity and ensure that the data has not been tampered with before reaching its intended receiver, SSL additionally digitally signs data.
• Each new version of SSL is more secure than the previous one. TLS was modified from SSL in 1999.

Why is SSL/TLS important?

• Data on the Web used to be sent in plaintext, which meant that anyone could read it if they intercepted the communication. For instance, if a customer went to a shopping website, made a purchase, and entered their credit card information, that information would be transmitted across the Internet in clear view.
• SSL was developed to address this issue and safeguard user privacy. SSL makes sure that anyone who intercepts the data can only see a jumbled mess of characters by encrypting any data that travels between a user and a web server. 
• The credit card number submitted by the customer is now secure and only accessible by the purchasing website.
• SSL also prevents specific cyber-attacks: It verifies web servers, which is crucial because hackers frequently attempt to create phony websites in order to deceive consumers and steal data. Like a tamper-proof seal on a medication container, it likewise prevents attackers from altering data while it is being transmitted.

What is an SSL certificate?

• Only websites that have an SSL certificate can use SSL (technically a "TLS certificate"). An SSL certificate serves as a badge or identification card that verifies a person is who they claim to be. The server hosting a website or application stores and displays SSL certificates on the Internet.
• The website's public key is one of the most crucial pieces of data in an SSL certificate. Encryption and authentication are made feasible via the public key. 
• The public key is viewed by a user's device, which uses it to create safe encryption keys with the web server. The web server also has a private key, which is kept private, that it uses to decrypt data that has been encrypted using the public key.
• SSL certificates are issued by certificate authorities (CA).

What are the types of SSL certificates?

The varieties of SSL certificates are numerous. Depending on the kind, a single certificate may be used for one or several websites:

• Single-domain: Only one domain is covered by a single-domain SSL certificate (a "domain" is the name of a website, like www.dcandcn.blogspot.com).
• Wildcard: A wildcard SSL certificate only applies to one domain, just like a single-domain certificate does. But it also includes the subdomains of that site. A single-domain certificate could only protect the first domain, whereas a wildcard certificate could protect www.dcandcn.blogspot.com, www.mskuthar.blogspot.com, and b2adigitals.blogspot.com.
• Multi-domain: Multi-domain SSL certificates, as their name suggests, can be used with numerous unrelated domains.

Different levels of validation are available for SSL certificates as well. Similar to a background check, the level of validation varies according to how thorough the check is.

• Domain Validation: This is the simplest and least expensive level of validation. A company only needs to demonstrate that they have domain control.
• Organization Validation: The CA contacts the person or company directly in this process, which is more hands-on. For users, these certifications are more reliable.
• Extended Validation: Before an SSL certificate can be issued, an organisation must undergo a thorough background investigation.