An SSL (Secure Sockets Layer) certificate is a digital certificate that authenticates the identity of a website and enables an encrypted connection. SSL is a security protocol that creates an encrypted link between a server and a client, such as a web server and a browser. The certificate serves as an electronic "passport" that establishes an online entitys credentials when doing business on the web. The most important part of an SSL certificate is that it is digitally signed by a trusted Certificate Authority (CA) . Anyone can create a certificate, but browsers only trust certificates that come from an organization on their list of trusted CAs. Browsers come with a pre-installed list of trusted CAs, known as the Trusted Root CA store.
An SSL certificate helps to secure information such as login credentials, credit card numbers, and other sensitive data by encrypting the data in transit between the users browser and the websites server. HTTPS is the secure form of HTTP, which means that HTTPS websites have their traffic encrypted by SSL. Most browsers tag HTTP sites, those without SSL certificates, as "not secure". This sends a clear signal to users that the site may not be trustworthy, incentivizing businesses who have not done so to migrate to HTTPS.
There are different types of SSL certificates with different validation levels. The six main types are:
- Domain Validated (DV) SSL Certificates
- Organization Validated (OV) SSL Certificates
- Extended Validation (EV) SSL Certificates
- Wildcard SSL Certificates
- Multi-Domain SSL Certificates
- Unified Communications (UC) SSL Certificates
SSL certificates can be obtained directly from a Certificate Authority (CA) . Certificate Authorities issue millions of SSL certificates each year.