Computerhelp4all logo Articles AboutTopicsQuizzesComputer Questions & AnswersComputer Terms & DefinitionsActivitiesContact

What Is An SSL Certificate?

What Is An SSL Certificate

Date First Published: 25th June 2022

Topic: Cybersecurity

Subtopic: Security Mechanisms & Technologies

Computer Terms & Definitions

Difficulty: Medium

Difficulty Level: 6/10

Learn more about what an SSL certificate is in this article.

Stands for a Secure Sockets Layer certificate. An SSL certificate is a data file or digital certificate that proves the identity and authenticity of a website so that visitors can trust that it is secure and reliable. They are similar to ID cards or badges that prove someone is who they say they are. SSL certificates are issued by trusted certificate authorities. When an SSL certificate is enabled on a website, it activates the secured HTTPS protocol over port 443 and encrypts communications between browsers and web servers so that sent data can only be read by the intended recipient.

The SSL handshake process takes place in six steps, which include:

  1. A browser attempts to connect to a website.
  2. The browser or server requests that the web server identifies itself.
  3. In response, the web server sends the browser a copy of its SSL certificate.
  4. The browser or server checks to see whether it trusts the SSL certificate.
  5. The web server then returns a digitally signed acknowledgement to begin an SSL-encrypted session and encrypted data is exchanged between the browser and the web server.

What Information Do SSL Certificates Contain?

SSL certificates contain the following information for authentication purposes. The information is publicly visible and can be viewed in web browsers.

  • The name of the website the SSL certificate is issued to.
  • The name of the company the certificate is issued by.
  • The serial number of the certificate.
  • The validity period of the certificate, from the date it is valid to its expiration date.
  • The length of the encryption key.
  • The public key of the certificate holder. This is used to encrypt the data that is being sent through.
  • The digital signature of the certificate holder.
  • The signature hash algorithm.

Duration

For security reasons, SSL certificates expire after a certain period of time, ranging from 3 months to 2 years. This is to help ensure that all certificates are using the latest security standards, that they are maintained by the current certificate owner, to keep the encryption up to date, and to occasionally revalidate the authentication as things change on the internet.

When an SSL certificate expires, visitors will start to receive SSL warnings in their browser and the website will no longer be able to communicate over secure HTTPS until a new one is issued. The warnings may display ‘your connection is not private’, which will show that the site is less than professional. This error is unrelated to the user’s computer. It is just displayed because the website that the user is connected to has not renewed its SSL certificate.

Certificate authorities usually send expiration notifications to remind website owners to renew their SSL certificate. It is recommended for website owners to renew it before its expiration date.

Types Of SSL Certificates

Depending on the type of SSL certificate, one certificate can apply to a single website or multiple websites. The types of SSL certificates include:

  • Single-domain – These apply to only one domain name, such as ‘computerhelp4all.com’.
  • Wildcard – Similar to single-domain, these apply to only one domain name. However, they cover all the subdomains of a domain name, such as ‘10questionquizzes.computerhelp4all.com’.
  • Multi-domain – As suggested in the name, multi-domain SSL certificates apply to multiple domains on a single IP address, regardless of whether they are related to each other. Additional hostnames can be attached to one SSL certificate.

In addition, SSL certificates have different levels of validation. Validation is to prove that the SSL certificate holder owns or controls a domain name. These include:

  • Domain Validation – The least strict level of validation. Users only have to prove that they own or control the domain name.
  • Organisation Validation – A more trustworthy type of validation where the certificate authority contacts the user requesting the certificate. The certificate authority will investigate the individual that is making the application for an SSL certificate. When HTTPS plus company information is included in the certificate details, this indicates that this type of validation was used.
  • Extended Validation – A type of validation that requires a full background check before the SSL certificate can be issued by the certificate authority. It is the strictest level of validation where the certificate authority identifies information about the organisation, such as the physical location and the legal existence. When the name of the company appears in a green address bar in the visitor’s browser, this indicates that this type of validation was used.

Do I Have To Pay For An SSL Certificate?

There are lots of paid SSL providers that offer SSL certificates for a yearly fee, but why pay when there are so many free SSL providers, such as Let’s Encrypt and ZeroSSL? Most decent hosting providers will come with free SSL options for users that allows them to install an SSL certificate in their control panel. For most users, free SSL certificates are just as good as paid ones and there is no need to pay for an SSL certificate unless they need advanced features, such as backwards compatibility and a green bar SSL certificate that provides greater validation and authentication than what a free SSL provider offers. Another difference is that paid SSL certificates usually last for a year or two, whilst free SSL certificates usually last for 90 days before they expire.

CDNs, such as Cloudflare come with SSL features and free SSL redirection. After signing up and activating the SSL option, all non-secure HTTP traffic will be redirected to secure HTTPS. However, if a user ever decided to disable or bypass their CDN, their website may display a non-secure warning to the visitors due to no SSL. Cloudflare also provides wildcard SSL certificates, which cover all subdomains of the domain name. This can be seen when viewing the SSL certificate in a web browser. If an asterisk comes before a domain name, such as *.computerhelp4all.com, it means that the SSL certificate also covers all subdomains of that domain name.


Feedback

  • Is there anything that you disagree with on this page?
  • Are there any spelling, grammatical, or punctuation errors on this page?
  • Are there any broken links or design errors on this page?

If so, it is important that you tell me as soon as possible on this page.


Comments