How does SSL Certificate work?

Can any one tell me how does SSL Certificate work? I created SSL Certificates for my websites but really I don't know how it is created and how it works.

The SSL communication, begins with the SSL handshake process, which allows the browser to verify the web server.

1. When we browse to a website secured with SSL (https), the browser pass certain information, which includes the browser's SSL version number, cipher settings, session-specific data and other information that the server needs to communicate with the browser/client using SSL.

2. In return, the server respond with the server's SSL version number, cipher settings, session-specific data, an SSL certificate with a public key and other information that the client needs to communicate with the server over SSL.

3. The browser verifies the server's SSL certificate from CA (Certificate Authority) and authenticates the server. The browser creates a session key, encrypts it with the server's public key and sends it back to the server.

4. The server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.

Now the handshake process is completed.

At the end of the SSL handshake, both the client and the server have a valid session key which they will use to encrypt or decrypt actual data on further SSL communication.

Hello,

SSL works through the use of public key cryptography. Public key cryptography uses two keys – a private key and a public key – to transmit secure data between two systems. These keys are essential to respectively decoding and encoding secure data.

Step-by-step, here’s how SSL works:

1. A user connects to an SSL-enabled service such as a website.
2. The user’s application requests the server’s public key in exchange for its own public key. This public key exchange provides ways for both parties to encrypt messages that only the other party can read.
3. When the user sends a message to the server, the application uses the server’s public key to encrypt the message.
4. The server receives the user’s message and decrypts it using its private key. Messages sent back to the browser are encrypted in a similar way using a public key generated by the user’s application.

Public key cryptography is similar to using a padlock. The padlock itself is the public key and the combination is the private key. The server distributes its padlock, which anyone can use to lock a door or a box. However, the padlock can’t be opened without the combination, which only the server knows.

One of the most important parts of an internet business is to create a trustworthy environment in which potential clients feel comfortable conducting transactions. SSL certificates provide a foundation of trust by establishing a secure connection. To inform users that their connection is safe, browsers offer visual signals known as EV indicators, which can range from a green padlock to a branded URL bar.

Public and private key pair is used in SSL certificates. To construct an encrypted connection, these keys are combined. The certificate's "subject," or the identity of the certificate's/owner, the website is also included.

You install the SSL certificate on your server once you receive it. By chaining your SSL certificate to your CA's root certificate, you can install an Intermediate certificate that establishes your SSL certificate's authenticity. Self-signed root certificates are the foundation of an X.509-based Public-Key Infrastructure (PKI). Root certificates are required by the PKI that supports HTTPS for secure web browsing and electronic signature protocols.

When a website is secured with a signed SSL certificate, it verifies and authenticates the organization's identification with a trusted third party; because the browser trusts the CA, the browser now trusts the organization's identity as well.

The simplest approach to discover if a website has an SSL installed is to open it in your browser and see if the URL begins with "HTTPS," which indicates that the server has an SSL certificate installed. To display the certificate information, click the padlock icon in the address bar.

HyperText Transfer Protocol (HTTP) is used by web browsers to connect to web servers, which by default listen on TCP port 80. Because HTTP is a plain-text protocol, a hacker can easily intercept and read data while it is in transit. It is insufficient for any application that requires confidentiality.

SSL encrypts data sent between the browser and the server and authenticates the user via port 443. As a result, when communications between a web browser and a server must be safe, the browser switches to SSL automatically – as long as the server has an SSL certificate installed.

The user encounters no additional obstacles while connecting to a server that has a certificate signed by a trustworthy CA. When a user accesses an SSL-secured website, they are more likely to provide personal information or make a purchase using their credit card. Furthermore, having an SSL certificate on your website enhances your ranking, making it easier for visitors to find you.

A website's reliability is attested by an SSL certificate, but with more advanced certificates, the entire firm can be SSL certified.

An SSL (Secure Socket Layers) certificate is a procedure for permitting data encryption on the Internet. An SSL certificate defends delicate communication on your website by creating a protected connection between web browsers and servers, server to server and web based applications. In other words, SSL certificates let info, such as data transfer, login credentials, social safety numbers and credit card, to be directed strongly.

When you connect an SSL certificate on your web server you can deal your server definitely by using "https" with your domain name. Once a browser connects to a secure site it saves its SSL certificate and make sure that it is not expired, that it has been delivered by a CA (Certificate Authority) that is reliable and that it is used for the purpose issued.

So who required an SSL certificate?

Here are a few instances of websites that required SSL server certificates:

Websites that comply with privacy and security requirements.
Websites that accept online orders and credit cards.
Websites that have a login or sign in.
Websites that process sensitive information.

SSL certificates are a way to ensure that your website is secure and that it's not easy for an outsider to access it. They work by encrypting the information sent between your server and the browser that loads another site, so even if someone were to intercept the information from your site, they wouldn't be able to read it.

The most common type of SSL certificate is the one issued by VeriSign, whose name you'll see on websites such as Google, Facebook, Yahoo!, and many other popular sites.

However, there are other types of certificates out there. One type is called an EV SSL certificate (Evaluation of SSL Certificates), which is only issued after an organisation has undergone an evaluation process that evaluates its security standards. And another type is known as a Wildcard SSL certificate—these are used when multiple websites need to be secured with the same certificate but don't have any specific domains set up for them yet.