What is SSL and Why Do I Need It?

January 18th, 2011 by

SSL is a vital tool in securing your information when communicating sensitive data online, and can help protect you and your clients/visitors. Unfortunately many site-owners and users don’t understand what SSL is, how it works or how it can benefit them. This post aims to be a simple clear-cut guide on what it is, how it works and why you and your visitors need it.

What is SSL:

SSL (Secured Socket Layer) or HTTPS:// as it is more commonly known is a secure connection between you and the website (server). SSL adds an additional layer of security to the connection, which encrypts all data to and from the server and your browser. The key aims of SSL are to protect data in transit from being snooped (intercepted and “read” by others).To help to ensure integrity of the data (ensure no body modifies the data in transit) and authentication (checking that the person who says they sent it, really did).

SSL should always be used to secure connections when handling sensitive data such as credit card details or online banking.

How it works:

SSL was originally developed by Netscape for sending files and data via the web without the risk of nosy neighbours peeking (sniffing) the data being sent/received. SSL uses a cryptographic key system which uses two keys used to encrypt the data being sent. The first key is the “public” key which is available to anyone. The second key is the “private” key which is only known by the intended recipient of the data.

For example: If a site wishes to establish a secure connection to a user, it can provide the public key to them which the user uses to encrypt the data being sent, the site then uses its private key to decrypt the data back into the original plaintext which can be understood and processed.

What is a Certification Authority (CA)?

The Certification Authority (CA) acts as a trusted third-party. It is usually a well-known company such as GlobalSign, Verisign or Thawte. They will issue the SSL Certificate and are used to verify the owner of the public key. The benefit to using SSL Certificates issued by a trusted CA instead of using “self-signed” certificates, or a certificate from a small unknown company is that most browsers trust the authority by default. This means that it will display the padlock symbols and “green-bars” to show the certificate is valid. However if you use an untrustworthy certification authority it is likely that your users browsers will display warning errors and likely warn them not to proceed to the site.

Conclusion:
SSL provides an easy and effective way to secure connections between users and websites and is a must if you require users to submit any sensitive data. Not only does a SSL certificate add security to the connection it also boosts consumer confidence when using e-commerce systems or providing other sensitive information.
It is cheap and easy to secure your site with a certificate.

Please click here for more info on our dedicated servers, all of which come with free SSL certificates.

Guest Blogger: Dan Rodgers from Dansgalaxy.co.uk / Avid  web-developer, lover of technology, web hosting & server geek.

*UK2.net reserve the right to agree or disagree with our guest bloggers. Call it freedom of speech, but our guest bloggers are entitled to have an opinion. If you wish to agree, disagree or even argue about it, then feel free to leave a comment. Thanks for visiting our blog! If you wish to become a Guest Blogger for UK2, please contact our marketing department.

  • Share this post

Congratulations to our Social Media Competition Winners!

THE WONDERS OF JOOMLA! CMS

3 Comments

Liam Barnett
# 18th January, 2011

Very good post and clear for those who don’t know much on the topic.

Holly LaRocco
# 19th January, 2011

Dan, great post. This is a clear, helpful drilldown on SSL and the role it plays on the Internet. I work for Symantec, and in our efforts to educate users of the importance of protecting their private information online, we teamed up with Common Craft to make this video, “SSL in Plain English.” I think your readers will find the information helpful: SSL in Plain english

Dan Rodgers
# 30th January, 2011

Glad you guys liked it, and that is a very good video!

Leave a Response