The chances are that if you have ever purchased anything online, then you have probably used an SSL certificate. If you are an online vendor or owner of an e-commerce site, then you have most likely been told that purchasing an SSL certificate is very important. But, what exactly is an SSL and why is it so crucial?
SSL stands for Secure Sockets Layer. It’s not exactly self-explanatory, so here’s what it actually does. An SSL certificate allows sensitive data and information such as personal information and credit card details to be transmitted securely. Usually the information that you communicate online is in a plain text format, which means that anyone who intercepts the information will be able to read and understand it. An SSL certificate establishes an encrypted link between a browser and a website, making it impossible for the naked eye to understand.
You have probably been unwittingly using SSLs in your regular everyday online activity and it is straightforward to recognise when one is being used. Just keep an eye out for the lock icon or sometimes a green bar in the address bar. The most obvious tell-tale sign though is a web address which begins with https and not http. The extra s means that this site is secured, thanks to an SSL certificate.
So now you know what it is and what it does, what are the technicalities behind a functioning SSL? The first step is to get a Certificate Signing Request (CSR) on your server. The CSR then creates a private key and data file which is sent to a company which is permitted to issue SSL certificates, known as a Certificate Authority (CA). The CA then springs into action and creates a public key to match the private key, allowing them to communicate with each other safely. You will then be issued with an SSL which you must simply install on your server. The CA is crucial to the whole process. Although there is no overall regulatory body, browsers only trust CAs which are listed at the Trusted Root CA store, so make sure that your chosen CA is well accredited. If you purchase a Thawte SSL certificate for example, then you can’t go wrong.
Once your SSL is installed, the technical process is fairly straightforward. When a browser attempts to make a connection with a website secured by an SSL certificate, the two set up a connection through a process often known as an ‘SSL handshake.’ Basically, anything that is encrypted with the private key can only actually be read by the public key and vice versa. In other words, it creates a secure and safe connection. This is of course massively important if you want to make sales online. It means that customers can actually make purchases.
However, before going ahead to purchase an SSL certificate which will make all this possible, there are a couple of things to note. If you are selling a product via a third party platform, they will often have a shared SSL certificate, meaning that you do not need to purchase one yourself. In addition, it is important to note that it is not wise to purchase more than one SSL for a single IP address, as it is likely to confuse the process. In these situations, it is wise to check out EV SSL certificates from Thawte which secure multiple domains at the same time.