SSL Certificate

 

SSL (Secure Socket Layer) / TLS (Transport Layer Security) is the most common security protocol that creates a secure channel between two communicating machines on the Internet or an internal network. It allows securisation of any application protocol based on the TCP / IP stack, such as HTTP, LDAP, SMTP, FTP, etc. In practice, proven SSL implementations mostly apply to HTTP and LDAP giving rise to known protocols HTTPS (HTTP over SSL) and LDAPS (LDAP over SSL). SSL offers the following security services:

  • confidentiality ;
  • integrity ;
  • server authentication ;
  • client authentication (by certificate since version 3).

A SSL certificate, also called "server" certificate  is a data file that binds cryptographic key to an organization or an individual information. Installed on a web server (Microsoft IIS, Lotus, Apache, etc.), it activates the "https" protocol (over port 443) in browsers to ensure a secure connection between the web server and browser. This protocol is typically used to secure bank transactions, data transfer and connection information such as user names and passwords.

Once the SSL certificate installed on a site, visitors can access it through a "https" connection  which indicates the server to establish a secure connection with the browser. When the secure connection is established (usually transparent to the user), all traffic between the server and the browser will be secure. Users are notified of the presence of SSL security by displaying a padlock Capture and protocol "https" in the url. Recently, SSL became the standard for secure use of social networking sites.

Applications that most often require SSL certificates have common features including:

  • Data sent over the Internet must remain confidential. In other words, people do not want their credit card number, their login information, passwords or personal information to be exposed ;
  • The data shown in the transaction (amount, recipient,etc.) should remain unchanged ;
  • Organizations must authenticate to their clients and extranet users, and ensure their identity ;
  • Organizations must comply with regional regulations, national or international privacy, security and data integrity.
joomla templatesjoomla template