SSL Jargon Buster
Whether you’re a small business or an enterprise level organisation, securing your customers’ data connections to your servers is hugely important. Since the purchase of Verisign, Symantec have all aspects of internet security covered, but do you know what all the lingo actually means?
SSL - Secure Sockets Layer
SSL is what is known as a protocol which allows secure communication over the internet. The protocol describes a set of events that happen incredibly quickly between the client (the customer’s browser) and the server (your web server). In this “conversation”, the client and server tell each other their capabilities and set up encryption. After that point, any communication that follows will be encrypted and so cannot be detected. This process happens almost instantly and is the part of SSL that does the actual encrypting.
An SSL certificate is part of the “conversation” that happens between a client and server as described above. The certificate itself is proof of identity of the server and is given to the client to allow the client to decide whether or not to trust the server and initiate the secure connection.
CA - Certificate Authority
The Certificate Authority is an organisation that has trust arrangements with the various browser vendors such as Google Chrome, Mozilla Firefox and Microsoft Internet Explorer to include their Certificate Authority certificates in their browsers. The Certificate Authority uses these CA certificates to digitally sign your request for an SSL certificate. By using this special signature (which is included in your browser by default), it means that when your SSL certificate is given in the SSL “conversation”, it is then trusted automatically, providing the certificate has not been revoked. Essentially the CA helps the browser to decide whether your SSL certificate is good to trust or not.
CSR - Certificate Signing Request
This is just a document that you send to your Certificate Authority so that they can generate a valid SSL certificate. The document contains information about you, your organisation and the server the SSL certificate will be used on - such as the domain name.
EV - Extended Validation Certificate
An Extended Validation SSL certificate is similar to a regular SSL certificate except the Certificate Authority takes extra measures to check the identity of the request for an SSL certificate. EV certificates usually make the browser address bar appear “green” signifying extra trust in the server.
As a business owner, educating yourself on internet security will help you to ensure that your clients and customers feel safe to put their trust into your web presence. This can only be a good thing when it comes to improving sales, attracting new custom and growing your business.