- January 21, 2021
- 2 minute read
Nowadays, the biggest and the most critical concern in the world of Web business are privacy and security. Without security, there is no customer trust, and without customer trust, a web business won't be able to go a long way. So let's talk about SSL.
SSL is an acronym for Secure Sockets Layer - it's a standardized protocol that provides privacy and confidentiality between two applications communicating using TCP/IP. In other words, it allows sensitive info such as credit card numbers, social security numbers and login credentials to be transmitted securely.
Why do we need SSL? Simple; because data sent between browsers and web servers is sent in plain text—leaving you vulnerable to eavesdropping. The HTTP protocol uses SSL to secure communications between a server and the browser. Without SSL, an attacker is able to intercept all data being sent between a browser and a web server and see and use that information. Your customers won't trust your website without an SSL certificate.
Statistically, nearly 70% of online shoppers cancel online orders because they don't trust the transaction. An SSL certificate and a site seal is a must have for a retail website in this age of the web. No SSL = 0 conversions.
1. It establishes integrity of the communication by checking the identity of the server; the browser verifies that the server's certificate is valid and being used by a website for which it has been issued by a Certificate Authority that the browser can trust.
2. It provides a cryptographic key of the server - that key is used to encrypt all the data sent between the server and the client preserve and protect the data, making it safe from any unwanted use. That way, all the user's sensitive data doesn't get stolen and the user's privacy is safe.
A SSL certificate is basically like a electronic ID card that are issued to servers by trusted authorities. Just like servers, clients can also have certificates, but unlike a server, a client certificate is not mandatory for SSL communication.
When a browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an SSL Handshake. It's invisible to the user and happens instantaneously. Essentially, three keys are used to set up the SSL connection: the public, private, and session keys. Anything encrypted with the public key can only be decrypted with the private key, and vice versa. Then the session begins and 5 steps take place:
1. Browser connects to a website secured with a SSL. The server starts identifying itself at the browser's request.
2. The Server sends a copy of it's SSL, including the public key.
3. The Browser checks the certificate root. If everything checks out, it creates, encrypts and sends back a symmetric session key using the server's public key.
4. The Server decrypts the symmetric session key and sends back an acknowledgement encrypted with the session key to start the encrypted session.
5. Server and Browser now encrypt all transmitted data with the session key and the transaction takes place.
How to choose the right SSL certificate? It depends a lot, based on the organizational and technical concerns, every business is different. There are a few guidelines though:
Establishing a SSL session requires multiple round trip communications between client and server. This can result in a significant performance penalty and a poorer end-user experience. With a CDN, the negotiation between a Server and a Browser is always local to the end-user resulting in no delay. Leveraging a CDN means fast, consistent and secure performance anywhere around the globe. Custom SSL certificates provided by CDNs are often easy to deploy. If you already have a SSL, you can integrate it to a CDN. A lot of CDN providers offer SSL certificates for minimal costs or even for free.
Other than securing privacy and confidentiality, CDNs are also known for keeping websites secure from DDoS and other threats, ensuring the highest levels of customer trust and safety. Combined with fast performance, it’s a must have for the best web experience possible.