SSL Certificate Definition
SSL is an acronym for Secure Sockets Layer, an encryption technology that was created by Netscape,SSL Certificate is a small data files that digitally bind a cryptographic key to an organization’s details.
SSL creates an encrypted connection between web server and visitors’ web browser allowing for private information to be transmitted without the problems of eavesdropping, data tampering, or message forgery.
SSL is Cryptographic protocols that provide communications security over a computer network.
The history of SSL Certificate
The SSL protocol was developed by Netscape Communications in the 1990s. The company wanted to encrypt data in transit between its flagship Netscape Navigator browser and Web servers on the Internet to ensure that sensitive data, such as credit card numbers, were protected. Version 1.0 was never publicly released and version 2.0, released in February 1995, contained a number of security flaws. Version 3.0 involved a complete redesign and was released in 1996. Even though it was never formally standardized — the 1996 draft of SSL 3.0 was published by IETF as a historical document in RFC 6101 — it became the de facto standard for providing communication security over the Internet.them. In order to use the SSL protocol, a web server requires the use of an SSL certificate. SSL certificates are provided by Certificate Authorities (CAs).
After the IETF officially took over the SSL protocol to standardize it via an open process, version 3.1 of SSL was released as Transport Layer Security 1.0 TLS 1.5 and introduced security improvements to mitigate weaknesses that had been found in earlier versions. (The name was changed to avoid any legal issues with Netscape.) Many attacks against SSL have focused on implementation issues, but the POODLE vulnerability is a known flaw in the SSL 3.0 protocol itself, exploiting the way in which it ignores padding bytes when running in cipher block chaining (CBC) mode. This flaw could allow an attacker to decrypt sensitive information such as authentication cookies. TLS 1.0 is not vulnerable to this attack because it specifies that all padding bytes must have the same value and be verified.
Other key differences between SSL and TLS that make TLS a more secure and efficient protocol are message authentication, key material generation and the supported cipher suites with TLS supporting newer and more secure algorithms. TLS and SSL are not interoperable, though TLS provides backwards compatibility in order to work with legacy systems. TLS 1.2 is the latest version.
SSL Certificate Behavior
When SSL certificate is successfully installed on your web server, the Hypertext Transfer Protocol (also known as HTTP) will change to HTTPs (HTTP over SSL or HTTP Secure) , where the ‘S’ stands for ‘secure’ .
Depending on the type of certificate you purchase and what browser you are surfing the internet on,
a browser will show a padlock or green bar in the browser when you visit a website that has an SSL Certificate installed without interrupting user actions.
