What is an SSL certificate?
The Secure Sockets Layer (SSL) protects data transferred over http using
encryption enabled by a servers SSL Certificate.
An SSL Certificate is an electronic file that uniquely identifies
individuals and Web sites and enables encrypted communications.
An SSL Certificate contains a public key and a private key. A public key is
used to encrypt information and a private key is used to decipher it. When a
browser points to a secured domain, an SSL handshake authenticates the
server and the client and establishes an encryption method and a unique
session key. They can begin a secure session that guarantees message privacy
and message integrity.
SSL Certificates serve as a kind of digital Passport or credential.
Typically, the "signer" of a certificate is a "Certificate
Authority" (CA), such as VeriSign.
Encryption, the process of transforming information to make it
unintelligible to all but the intended recipient, forms the basis of data
integrity and privacy necessary for e-commerce. Customers submit sensitive
information and purchase goods or services via the Web only when they are
confident that their personal information is secure.
The solution for businesses that are serious about online transactions is
to implement a trust infrastructure based on encryption technology.
The diagram below illustrates the process that guarantees protected
communications between a Web server and a client. All exchanges of SSL
Certificates occur within seconds, and require no action by the consumer.