Many people have a vague idea about SSL (Secure Sockets Layer or HTTPS). They know that it's a secure connection and that's about it. The Internet houses millions of computers sending, receiving and transmitting messages. During this process, it is possible to eavesdrop on online individuals and businesses. You can compare it with a letter being opened, read and, maybe, even changed by the postman, eventually arriving at the unsuspecting recipient. The solution is obvious. You encode the letter, while only sender and recipient have knowledge of the decoding. On the Internet, this is not always possible. A web server has no idea who its visitors are so it's unable to distinguish between correct or wrong senders and recipients and, if it has to share encoding and decoding with everyone. then it is no longer a secret.
How Secure Sockets Layer resolves this?
When you visit a secured website, your computer sends a request to the server. The server responds by sending a special key that is able to encrypt information that can be found on the server. Now, at the background, your browser will encrypt the information it has found before displaying it to you. This key is not secret, but it has one important feature: encrypting information using the key is easy, but decoding is a lot harder. There you need a different key. And, only the secure web server has that second key. Now, how can your browser convince the secure server that it's safe to send the second key? This is done as follows: Your browser comes up with a random number, encrypts it the same way as the server on the other side, and sends it to the secure server. From that moment your computer and the server are sharing a secret thus creating mutual trust which enables your browser to receive and use the second key for displaying decoded readable information on your monitor.
How keys are made.
A unique key can be created easily and fast. Of course, before this process can take place, there are a lot of mathematical calculations necessary, so that the first key can only encode and the second one can both encode and decode. Thanks to clever programming by encryption experts keys are fortunately very difficult to crack. Think about supercomputers that are busy for weeks to decode only one message.
And how about identity?
How can you be sure that you are communicating with the right server? What if somewhere along the road, your information is being intercepted and manipulated? If someone has duplicated your bank's website and you are communicating with that server, then what's the sense of a secure connection? This means that your computer should be able to check if it's correct that the secure server is using that specific key and that it's not in use by an unauthorized web server.
As a secure website owner you can register your keys. Once a visitor gets your public key, the visitor's browser can inquire if this is indeed a registered key. If a visitor is talking to the wrong server, then this server will show a different unknown set of keys so its criminal intentions will be exposed immediately. This key registration and identity assurance is what we call an SSL certificate. A Secure Sockets Layer certificate is a small data file that digitally binds a cryptographic key to the details of a business or organization. When it's installed on a secure web server, it activates the padlock icon including HTTPS and creates a secure connection between browser and server.
Differences between SSL Certificates.
If you look closely, there are some differences between Secure Sockets Layer certificates. The green bar for example. It's not always there when you visit an https website. And where does the price difference between certificates come from? Apparently there are several providers. Is one more secure than the other?
There are many SSL certificate providers. Examples are Linus Hosts Inc, VeriSign, GeoTrust, GlobalSign, SSL.com, Start.com, Symantec, Trustwave and Comodo. These providers use different algorithms to certify keys, use higher and lower levels of encryption, offer different warranties, check more or less data, and there are some minor differences as well. In one of my next articles I will explain the differences more detailed. Last, but not least, I would like to underscore the importance of a new Google ranking benefit. Since August 2014 Google ranks secure sites higher than non-secure websites. So by making your web site a safe place for your visitors, you will rank higher in Google's search results.
To conclude we can say that above described security measures have two distinct advantages: they make the Web a safer place and websites can rank higher in Google. On the other hand the price can be a disadvantage and implementation can be difficult. Last but not least I would like to emphasize that this document is not waterproof. The Internet is after all an ever-changing medium and new more advanced techniques are popping up all the time. Last but not least, if you're looking for a web hosting provider that offers not only great hosting and domains but also affordable top quality SSL solutions, you could read the banner at the top of this page. I hope you enjoyed reading this article and please don't hesitate to contact me if you have any questions. If you want to know even more you can also watch the video below. Thanks for your visit and cheers!