SSL, meaning Secure Sockets Layer, is an encryption method used by governments, corporate offices, online banks, as well many other places to transmit sensitive data over insecure networks like the Internet. It works by using two keys, one which can only encrypt data, and another that can both create Public Keys and decrypt data. The former is called a Public Key, and the latter a Private Key.
Use two sets of the above keys and you can have a fully secure transaction. However, both sides must have the others Public Key, which requires somehow sending it insecurely. SSL Certificates come in here by providing a way to "verify" a Public Key has not been tampered with. This prevents MITM (Man-in-the-middle) attacks, where an attacker captures and modifies data while it is in transit.
SSL Certificates need to be trusted though in order to be of any use, otherwise an attacker could just modify the certificate being sent like they could with the Public keys. To prevent end users from having to manually verify and trust every certificate they encounter, CAs (Certificate Authoritys) were created. They "sign" SSL Certificates, allowing the user to browse normally with security transparently around their transaction. Any reliable website will have a signed SSL Certificate. Some fine examples of such sites are: Wells Fargo Bank (wellsfargo.com), PayPal (paypal.com), and eBay (ebay.com). There are literately millions of other websites using signed SSL Certificates, and this is thanks to today's fast computers being able to easily handle strong encryption.
After being signed by a CA a certificate must be installed. Most SSL Certificate installation procedures are fairly simply, and only require a few small changed to the dedicated server they are securing. Once installed a certificate will function until its expiry date, which is usually one year from its date of issue. This expiration is done in case a certificate was stolen from a website, which can happen if a managed server becomes compromised. A CA can usually revoke the certificate if contacted in this case, which can help maintain the creditability of the website it was previously securing.
A final thing to note about SSL certificates is that they may only function on the domain they were signed for. For example, a certificate for example.com will not work on example.com or mail.example.com. Each individual domain must have its own SSL certificate.
There my be a cost to having several SSL certificates as described above, but it definitely pays off in the end when transmitted data is not captured by criminals. All it takes is one credit card number, one street address, or one intimate conversation for a website and possibly its connected business to go down. SSL helps protect these, increasing reliability and producitivity.
Daved Romanowski
Internet Service Provider Guru and Marketing Expert.
Article Source: http://EzineArticles.com/?expert=Daved_Romanowski
