An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and enables an encrypted connection. SSL is a security protocol that creates an encrypted link between a server and a client, typically a web server and a browser. The certificate serves as an electronic "passport" that establishes an online entitys credentials when doing business on the web. When a user attempts to send confidential information to a web server, the users browser accesses the servers digital certificate and establishes a secure connection.
The most important part of an SSL certificate is that it is digitally signed by a trusted Certificate Authority (CA) . Anyone can create a certificate, but browsers only trust certificates that come from an organization on their list of trusted CAs. Browsers come with a pre-installed list of trusted CAs, known as the Trusted Root CA store. An SSL certificate issued by a CA to an organization and its domain/website verifies that a trusted third party has authenticated that organization’s identity. Since the browser trusts the CA, the browser now trusts that organization’s identity too.
An SSL certificate helps to secure information such as login credentials, credit card numbers, and other sensitive data by encrypting the data in transit. There are different types of SSL certificates with different validation levels. The six main types are:
- Domain Validated (DV)
- Organization Validated (OV)
- Extended Validation (EV)
- Wildcard
- Multi-Domain
- Unified Communications (UC)
The most expensive type of SSL certificate is the Extended Validation (EV) certificate, which tends to be used for high-profile websites that collect data and involve online payments. When installed, this SSL certificate turns the address bar green in high-security browsers, providing the most visible assurance to users.