Ssl Certificates Explained – Your Questions…


Joseph asks…

what is ssl certificate?


admin answers:

It is an ‘Official verification’ given to a website, by a recognized authority, that is used to establish (between your browser & that website) an encrypted form of data transfer.
It basically says this site is who they say they are, and have undergone several verification steps to prove it.

SSL is the earlier form of security over TCP/IP and has been replaced by TLS.

Protocol for establishing a secure connection starts with the ‘hello’ or ‘handshake’ procedures:
1) client (your computer) seeks a secure connection over socket 443)
2) client sends a ‘greetings’ packet with several items: incl. What protocol it has available (SSL 2, SSL3, TLS, etc.); time, session number, list of it’s encryption capabilities, and so on
3) the sought server looks at it’s own protocol levels & selects/matches the best possible protocol for the connection
4) the server returns a message saying ‘OK, here’s the method (or protocol) we’ll use, and here’s my certificate (optional), and we’ll call it so-and-so session…etc.; and a ‘finished hello’ message
5) Client sends to server an “agreed” message, and ‘finished hello’ message.

(this all happens before any application data is sent; it’s just groundwork to establish authenticity of endpoints, and method of encryption)

Overview of the evolution of various security protocols is here (this is a moderately ‘dense’ (facts per minute) material).
Http:// # 195

Powered by Yahoo! Answers

Ssl Certificates – Your Questions…


Mark asks…

SSL certificates?

I think SSL certificates are used by websites to protect data passed to and from a server. If i purchase a SSL certificate, how can i connect it to my website. Can anyone tell me the procedure to do so.

admin answers:

SSL certificates provide two things:
1) Encryption between the browser and the web server to make sure that no one can intercept the contents of the communications.
2) Authentication so that an end user can be assured that the site really is who it says it is. It doesn’t allow the site to know for sure who the user is unless the user also installs a certificate (which is very rarely done.)

How you install a certificate depends on who you purchase it from and what web server software you use. Most companies that sell SSL certificates provide you with instructions on how to import it into your web server.

An example can be found at

Powered by Yahoo! Answers