What is an SSL Certificate?
SSL stands for Secure Sockets Layer. SSL is a global standard security technology that permits a secure connection between a web browser and a web server. Today, 6 out of every 10 users shop online, and the number is increasing day by day. At the same time, the risk of online fraud is also increasing. We can’t stop using online services such as shopping, banking, and sending critical files, so to reduce this online security risk we need an SSL certificate.
In simple words, the SSL certificate stands for security. When we are shopping or banking online, we want to make sure the website uses “HTTPS” and a green lock icon is showing in the status or URL bar.
HTTP vs HTTPS
Now, what does HTTPS mean? What does that green lock icon mean? To understand the meaning of these two terms, we need to understand the SSL certificate and the way it works. HTTP stands for Hypertext Transfer Protocol. HTTP defines standard rules for transferring information on the web. HTTP is an insecure connection, and HTTPS is the secure version of HTTP. It is a protocol used between a web browser and a web server. In “HTTPS”, the S stands for secure. In technical terms, HTTPS stands for HTTP over SSL (Secure Sockets Layer).
HTTPS means all communications between your browser and the web server are encrypted. Behind HTTPS, the SSL certificate plays an important role in building trust between a browser and a web server.
An SSL certificate is a web server’s digital certificate, issued by a third party, that verifies the identity of the web server and its public key. Let’s check out how an SSL certificate actually works between a web browser and a web server:
The Way it Works
Suppose a user wants to connect to a web server (any website such as Google, Yahoo, etc.) with all communication with the web server encrypted. To do so, the user types “https://www.example.com” and hits Enter. Let’s see what happens in the background:
Step 1: The browser sends a request for secured pages (HTTPS pages) to the web server, example.com.
Step 2: The example.com web server sends its Public Key with its SSL certificate to the user’s browser. This SSL certificate is digitally signed by the Certificate Authority, or simply CA.
Step 3: To check whether the digital certificate is valid, the user’s browser takes the certificate and checks the issuer’s digital signature. The digital signature is always created with the CA’s Private Key. Every browser, whether Chrome, Firefox, etc., comes preinstalled with the Public Keys of many major CAs. Thus, the digital signature can be verified.
Once the signature is verified by the browser, the digital certificate can be trusted. After verification, a green padlock icon is visible on the left side of the address bar. The meaning of this green lock is that the web server’s public key actually belongs to the web server, not someone else.
Step 4: Now the verification is complete, and it is time to exchange the secret information or data that the user wants to share or download. The browser creates one Symmetric Key for sharing the secret information with the web server, because it does not want to send that information in plain text. The browser uses the web server’s Public Key to encrypt the Symmetric Key and then sends it to the web server.
Step 5: When the web server gets the encrypted symmetric key, it uses the server’s Private Key to decrypt it. So the web server gets the browser’s shared key.
From now on, all the traffic between the user and the web server will be encrypted and decrypted with the same key, the Symmetric Key. This is an example of how asymmetric and symmetric key algorithms work together. The Asymmetric Key Algorithm (private key and public key) is used to verify the identity of the owner and its public key, so that trust can be built. Once the connection is established, the symmetric key algorithm (Shared Key) is used to encrypt and decrypt all traffic between the user and the web server.
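Steps 2 to 5 can be traced in code. The following is an added example, not part of the original post: it uses Node.js's built-in crypto module and a simplified JSON "certificate" in place of real X.509. All function names are hypothetical, and the last lines of `demo` show the browser rejecting a certificate whose public key was swapped.

```javascript
// Added example: simplified model of Steps 2-5 (not real X.509 or a real TLS stack).
const crypto = require('node:crypto');
const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const pem = (key) => key.export({ type: 'spki', format: 'pem' });

// CA side: sign the server's identity and public key with the CA private key.
function issueCertificate(caPrivateKey, subject, serverPublicKey) {
  const body = JSON.stringify({ subject, publicKey: pem(serverPublicKey) });
  return { body, signature: crypto.sign('sha256', Buffer.from(body), caPrivateKey) };
}

// Browser side (Steps 3-4): verify the CA signature, then wrap a fresh symmetric key.
function browserHandshake(cert, trustedCaPublicKey, expectedHost) {
  if (!crypto.verify('sha256', Buffer.from(cert.body), trustedCaPublicKey, cert.signature)) {
    throw new Error('certificate signature invalid');
  }
  const { subject, publicKey } = JSON.parse(cert.body);
  if (subject !== expectedHost) throw new Error('certificate is for another host');
  const sessionKey = crypto.randomBytes(32);
  // publicEncrypt uses RSA-OAEP padding by default.
  return { sessionKey, wrappedKey: crypto.publicEncrypt(publicKey, sessionKey) };
}

// Server side (Step 5): recover the symmetric key with the server private key.
const serverUnwrap = (serverPrivateKey, wrapped) => crypto.privateDecrypt(serverPrivateKey, wrapped);

// After the handshake both sides use the same key (AES-256-GCM chosen for this example).
function encrypt(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const data = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  return { iv, data, tag: c.getAuthTag() };
}
function decrypt(key, { iv, data, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(data), d.final()]).toString('utf8');
}

// Constructed demo: an honest exchange, then a certificate carrying a swapped key.
function demo() {
  const ca = newKeyPair(), server = newKeyPair(), other = newKeyPair();
  const cert = issueCertificate(ca.privateKey, 'www.example.com', server.publicKey);
  const { sessionKey, wrappedKey } = browserHandshake(cert, ca.publicKey, 'www.example.com');
  const received = decrypt(serverUnwrap(server.privateKey, wrappedKey), encrypt(sessionKey, 'hello over HTTPS'));
  const forged = { body: JSON.stringify({ subject: 'www.example.com', publicKey: pem(other.publicKey) }), signature: cert.signature };
  let forgedRejected = false;
  try { browserHandshake(forged, ca.publicKey, 'www.example.com'); } catch (e) { forgedRejected = e.message === 'certificate signature invalid'; }
  return { received, forgedRejected };
}
```

Because the CA signature covers both the host name and the public key, changing either one invalidates the certificate, which is what lets the browser trust the key it encrypts the symmetric key to.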
Important to Note: “HTTPS” and the green lock only show that the communication between the user and the web server is encrypted and is not being shared with someone else in the middle. They never mean that a website using “HTTPS” is safe and good. Anyone, including hackers, can get an SSL certificate for their website.