You’ll see SSL in action if you use the web’s most popular websites. For example, go to Google or Facebook. You will see two things in your browser that show you that these websites have made a secure connection between their web servers and your browser.
⇨ HTTPS: the first is the address of the website. Standard websites start with HTTP, but websites that feature an SLL certificate append an “S” to this, giving HTTPS.
⇨ Padlock: you will also see a locked padlock in the address bar of your browser, somewhere beside the address of the website.
—How it Works—
SSL stands for Secure Sockets Layer and it works by encrypting the connection between your users and your web server. To make it work on your website you need an SSL certificate.
⇲ Here is a simplified explanation of the process:
⌁ A user visits your website by clicking on a link or typing your address into the address bar of their browser
⌁ Your web server responds to the request by sending its SSL certificate and a public key
⌁ The user’s browser checks the certificate and then uses the public key to create an encrypted key, which is sent back to your server
⌁ Your server decrypts this and actions the request (processes a payment, loads a webpage, logs in to a website etc) and sends the information back to the user’s browser with the encrypted key
⌁ The user’s browser decrypts the information and displays it on screen
The whole process takes a split second, but it ensures a secure connection is established.
—Why is it Important?—
SSL certificates secure the data sent between your server and your user’s computer in a way that cannot be tampered with. This data could be information, login details, or payment information.
For example, when you type a search into Google.com, it is impossible for someone to eavesdrop on the phrase you are searching for. Similarly, when you log into Facebook, it is not possible to intercept and decipher your password while it is in transit between your computer and Facebook’s servers. And, when you send payment information to PayPal, a hacker cannot listen in and swipe your credit card number.
Your users are afforded the same protections when you install an SSL certificate.