The SSL certificate confirms that the domain belongs to a real company and that its owner has the right to use the secret key legally. If earlier it was accepted that SSL is needed only for e-commerce sites, today absolutely everyone needs it. SSL (Secure Sockets Layer), is a protocol used to secure and encrypt communication between computers. As a professional and a person who wants to build a trustable relationship with the customer, you should buy an SSL certificate. Everyone wants to feel safe no matter where they are, sitting at home or surfing the internet. The SSL certificate contains the following information:
- domain name for which SSL certificate is issued;
- legal entity holding the certificate;
- certificate holders location (city, country);
- certificate validity period;
- details of the SSL certificate provider.
To know the SSL certificate existence on a site is quite easy. The sites without certificate display "http://", while with a certificate "https://."
Two functions of SSL:
Authentication and Verification: The SSL certificate contains information about the authenticity of data relating directly to the personal data of a person, companies, or websites that this certificate will display to site visitors after clicking the lock symbol or browser trust sign.
Data encryption: SSL certificate also includes encryption. We are all more or less familiar with encryption. Сconfidential information that we exchange through the site cannot be intercepted by third parties or read by anyone other than the recipient directly.
How does it work?
At the heart of any encryption method is the key. A key is a way to encrypt or decrypt a message. Two keys are involved in the work of the SSL certificate: public and private.
The public key encrypts the message. The browser uses it when it is necessary to send user data to the server. For example, after you enter your credit card information and click on "Pay." This key is visible to everyone; the browser attaches it to the message.
The private key decrypts the message. It is used by the server when it receives a message from the browser. This key is stored on the server and is never transmitted along with the message.
Public and private keys are generated once when creating a certificate issuance request. Encryption with two different keys is called asymmetric. Using this method is safer but slower. Therefore, the browser and server use it once: to create a session key.
Types of certificate
DV (Domain Validation) - check only the domain name. It reliably protects the connection with the HTTPS protocol and confirms the rights to the claimed domain. This is a great choice for entry-level, which is suitable for both individuals and legal entities.
OV (Organization Validation) - is a domain and organization verification. In addition to confirming the authenticity of a domain name, it indicates the authenticity of the organization that owns it. It can only be issued to legal entities.
EV (Extended Validation) - Advanced Validation of the organization. The most reliable and prestigious certificate, which confirms not only the domain rights of the organization but also the legality of its activities, as well as the actual existence. The authorization center conducts a thorough check of the legal entity according to certain criteria, after which the address bar with the name of the company will be highlighted in green.
Hostimul.comoffers a free SSL certificate for everybody who will purchase wordpress and shared hosting.