SSL/TLS Certificate SSL/TLS Certificate

What is an SSL Certificate?

Internet security is completely useless without Digital certificates. Secure Sockets Layer (SSL) certificates, also called digital certificates, can be used to establish an encrypted connection between user’s computer and a website or a server. The SSL connection protects sensitive information, such as credit card details, exchanged during each visit, also called a session, from being intercepted from non-authorized parties.

SSL/TLS

  • Server sends a copy of its asymmetric public key to browser.
  • Browser creates a symmetric session key and encrypts it with the server’s asymmetric public key then sends it to the server.
  • Server decrypts the encrypted session key using its asymmetric private key to get the symmetric session key.
  • Server and browser now encrypt and decrypt all transmitted data with the symmetric session key. This allows for a secure channel because only the browser and the server know the symmetric session key, and the session key is only used for that specific session. If the browser was to connect to the same server the next day, a new session key would be created.