SSL stands for secure sockets layer which allows data to
transfer between points in a secure environment.
SSL encrypts the connection between the client computer
(customer) and the web server (your website). SSL enables
your customers browser to connect to your web site and transparently
negotiate a secure communication channel ensuring that information
such as credit card numbers are exchanged securely.
SSL encryption makes it extremely difficult for anyone
to intercept and read information between your computer
(the client) and the server to which you are making a connection.
How does SSL work?
SSL uses a technique called public-key encryption, where
each side of the transaction has a shared public key, and
a private key that is not shared. Data encrypted with the
public key can only be decrypted with the private key. Each
side encrypts its data with the remote ends public key,
so that only the destination and no intermediary can decrypt
the transmission and access data.
Unlike displaying a regular web page, when a person requests
a secured web page (https://) the browser and the server
must go through a series of requests and acknowledgments
which take place automatically.
Below is an example of the procedure :
- You enter a URL such as https://www.server-admins.net
in your browser window.
- The https indicates that you want your browser to initiate
a secure session with the server.
- The server responds by sending the sites certificate.
- The browser checks the certificate information for validity.
- The browser then creates a session key, which is encrypted
with the servers public key, and sends it to the server.
- The server then decrypts this information using its
Both the browser and server are now using the same secret
session key, and the padlock icon will appear on your browser
window. All further information sent between the browser
and the server is encrypted, provided that the url to the
site does not change from https to http.
Do I need a SSL for my website?
If you plan on accepting credit cards or other customer
information that may be personal you should make use of
an SSL in order to reassure your customers that the information
transmitted is encrypted.