Enhancement of data transfer safety level and the growth of the SSL technology is due to the increasing number of online transactions.
Daily used, the SSL protocole is totally transparent and works without any manipulation from the webuser.
What is it ? How does it work ?
Developed by Netscape, the SSL (Secure Socket Layer) or TLS (Transport Layer Security), is a protocole used to secure online transactions.
It has several missions:
The SSL protocole creates a communication channel between a client and a server independently from the protocole, it secures online transactions (HTTP protocole) as well as FTP, IMAP or POP protocoles connexions.
That communication channel is an opaque tunnel that prevents anybody to see the content of the transaction.
In a schematic way:
Non-secured tranfer, no SSL certificate: A see-through communication tunnel, information can be seen by anybody.
SSL-secured transfer:
opaque communication tunnel.
Data cannot be seen.
It can be compared to the mechanism of a lock (public key) and its key (private key):
The private key is saved on the server.
The public key, known by anybody encrypts sending datas, that are decoded on the server by the private key.
A SSL certificate is a digital ID whose goal is to identify the owner of a server, a website or an Email address.
It is issued by a trusted third part called a certification authority,such as Thawte,that testifies the certificate's owner identity.
To make the SSL security work (for online transactions for example) a server certificate is required.
A server certificate carries:
When surfing, a webuser can see information about websites on the address bar.
On Firefox 3 :
Firefox 3 discerns 5 kinds of websites according to the information they deliver. Each kind owns its proper warning alert:
A Wildcard certificate can secure several subdomain names (such as:*.domain.com). It works the same way than a classical server certificate and carries the same kind of information.
Instead of displaying a classical domain name,it contains a generic web address : *.domain.com.The star is instinctively replaced by the browser that searches if a certificate has been issued for the subdomain.
The multiple sites technology enables several websites,hosted on a same server, to be secured by one certificate. It prevents websites owners to purchasing a different certificate for each one of their sites.
That kind of certificate is issued by GlobalSign.You can secure 6 SANs (Subject Alternative Names) with the GlobalSign UCC.
Pros of the multiple sites certificate :