What is an SSL certificate and how does it protect websites?

What is an SSL Certificate?

 

SSL stands for Secure Sockets Layer, which is a standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems, preventing criminals from reading and modifying any information transferred, including potential personal details. It does this by making sure that any data transferred between users and sites, or between two systems remain impossible to read. It uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information, names, and addresses.

 

How does it protect websites?

  1. A browser or server attempts to connect to a website (i.e., a web server) secured with SSL.

  2. The browser or server requests that the web server identifies itself.

  3. The web server sends the browser or server a copy of its SSL certificate in the response.

  4. The browser or server checks to see whether it trusts the SSL certificate. If it does, it signals this to the webserver.

  5. The web server then returns a digitally signed acknowledgment to start an SSL encrypted session.

  6. Encrypted data is shared between the browser or server and the webserver.

Types of SSL certificate

There are different types of SSL certificates with different validation levels. The six main types are:

  1. Extended Validation certificates (EV SSL)

  2. Organization Validated certificates (OV SSL)

  3. Domain Validated certificates (DV SSL)

  4. Wildcard SSL certificates

  5. Multi-Domain SSL certificates (MDC)

  6. Unified Communications Certificates (UCC)


1. Extended Validation certificates (EV SSL)

This is the highest-ranking and most expensive type of SSL certificate. It tends to be used for high-profile websites which collect data and involve online payments. When installed, this SSL certificate displays the padlock, HTTPS, name of the business, and the country on the browser address bar. Displaying the website owner's information in the address bar helps distinguish the site from malicious sites. To set up an EV SSL certificate, the website owner must go through a standardized identity verification process to confirm they are authorized legally to the exclusive rights to the domain.

2. Organization Validated certificates (OV SSL)

This version of the SSL certificate has a similar assurance similar level to the EV SSL certificate since to obtain one; the website owner needs to complete a substantial validation process. This type of certificate also displays the website owner's information in the address bar to distinguish it from malicious sites. OV SSL certificates tend to be the second most expensive (after EV SSLs), and their primary purpose is to encrypt the user's sensitive information during transactions. Commercial or public-facing websites must install an OV SSL certificate to ensure that any customer information shared remains confidential.

3. Domain Validated certificates (DV SSL)

The validation process to obtain this SSL certificate type is minimal, and as a result, Domain Validation SSL certificates provide lower assurance and minimal encryption. They tend to be used for blogs or informational websites – i.e., which do not involve data collection or online payments. This SSL certificate type is one of the least expensive and quickest to obtain. The validation process only requires website owners to prove domain ownership by responding to an email or phone call. The browser address bar only displays HTTPS and a padlock with no business name displayed.

4. Wildcard SSL certificates

Wildcard SSL certificates allow you to secure a base domain and unlimited sub-domains on a single certificate. If you have multiple sub-domains to secure, then a Wildcard SSL certificate purchase is much less expensive than buying individual SSL certificates for each of them. Wildcard SSL certificates have an asterisk * as part of the common name, where the asterisk represents any valid sub-domains that have the same base domain. For example, a single Wildcard certificate for *website can be used to secure:

  • payments.yourdomain.com
  • login.yourdomain.com
  • mail.yourdomain.com
  • download.yourdomain.com
  • anything.yourdomain.com

5. Multi-Domain SSL Certificate (MDC)

A Multi-Domain certificate can be used to secure many domains and/or sub-domain names. This includes the combination of completely unique domains and sub-domains with different TLDs (Top-Level Domains) except for local/internal ones.

For example:

  • www.example.com
  • example.org
  • mail.this-domain.net
  • example.anything.com.au
  • checkout.example.com
  • secure.example.org

Multi-Domain certificates do not support sub-domains by default. If you need to secure both www.example.com and example.com with one Multi-Domain certificate, then both hostnames should be specified when obtaining the certificate.

6. Unified Communications Certificate (UCC)

Unified Communications Certificates (UCC) are also considered Multi-Domain SSL certificates. UCCs were initially designed to secure Microsoft Exchange and Live Communications servers. Today, any website owner can use these certificates to allow multiple domain names to be secured on a single certificate. UCC Certificates are organizationally validated and display a padlock on a browser. UCCs can be used as EV SSL certificates to give website visitors the highest assurance through the green address bar.

It is essential to be familiar with the different types of SSL certificates to obtain the right type of certificate for your website.

Was this answer helpful? 0 Users Found This Useful (0 Votes)