What is SSL? ‡ SSL stands for Secure Sockets Layer.

‡ It·s a form of information security provided for websites and online information transfer.

Need for SSL

What is an SSL certificate? ‡ An SSL certificate is like an online ID card that assures a website·s visitors that the website belongs to a verified company. ‡ In addition to this, SSL certificates also encrypts data that flows to and from the website. ‡ Purchased from a web services company which is called a Certificate Authority.

SSL Certificates 1. Company asks Certificate Authority for a certificate 2. CA creates certificate and signs it 3. Certificate installed in server 4. Browser issued with root certificates 5. Browser trusts correctly signed certificates

Certificate Contents

‡ ‡ ‡ ‡ ‡ ‡ ‡ ‡ ‡ ‡ ‡

Version Serial Number Algorithm ID Issuer Validity Company Details Public key Identifier for Issuer Identifier for Company Signature Algorithm Signature ² hashing all details into a number

Certificate Authority ‡ Web services company ‡ Functions: ± Researches Companies ± Checks References ± Assures Identity

CAs

SSL connection 1. 2. 3. 4. 5. Computers agree on type of encryption Server sends SSL certificate Your computer starts encrypting The server says ´Start encryptingµ All messages are now encrypted

‡ If everything checks out, the computers form an initial connection called a handshake.

‡ The two computers communicate and decide what type of encryption/scrambling is to be used.

SSL in Different Browsers

Thank You

Sign up to vote on this title
UsefulNot useful