What is an SSL Certificate?
An SSL certificate is a security tool, which enables e-commerce or
other secure communications on the Web. An SSL certificate provides
- Confirmation of Identity
The party receiving the information (i.e. the party controlling the
server) is the party to whom the communication is intended (i.e. not
some wily imposter).
The user's information will not be intercepted and interpreted
(by some wily eavesdropper) between the user's browser and the
The assurances obtained by SSL Certificates
are a necessity for all e-commerce implementations and any communication
in which confidential information is exchanged. Internet browsers
can rest assured that their communications are secured by a properly
authenticated SSL certificate as evidenced by the appearance of
a little padlock in the frame of their Internet browser.
Technically, an SSL certificate is
a statement digitally signed by a Certification
Authority (CA) that uses a properly authenticated Private
Key/Public Key pair to bind a public
key to an identity. This provides independent confirmation
of the identity of an entity. More formally, a certificate is
a computer-based record which:
- Identifies the Certification Authority issuing it
- Names, identifies, or otherwise describes an attribute of the subscriber
- Contains the subscriber's public key
- Contains the digital signature of the CA issuing it
- Provides a date range over which the certificate is valid
To obtain an SSL certificate, a Private
Key/Public Key Pair must be generated on the server and then authenticated
by a Certificate Authority (CA), which has the requisite recognition
in the browser software.