SSL Basics

SSL and its Basics

Secute Sockets Layer, Its a protocol used for securely communicatiing over the internet.SSL will encrypt the data between a server and client.If you are using a non-secure site , hacker can easily intercept the data between your browser and webserver.So make sure you are using https(SSL) site on the internet specifically when you are doing online transations.

SSL Certificate
To make your browser and server secure you need SSL Certificate.These certificates contain information about site identity like owner, Trusted Authorities and they have key pair( Public and Private Keys ). You will use public key to encrypt data and private key to decrypt data. Private key is never shared with anyone.

How it works

1. https site ( https://www.amazon.com ) in your browser.
2. Browser contacts webserver ( amazon server ) to identify yourself.
3. Webserver ( typically) sends its copy of SSL certificate + Public key.
4. Browser has a list of trusted certificate authorities and check that certificate
it received is trusted by above CA’s. Also it validates Expiration, DNS name.
5. After validation and browser believes that Certificate is trusted. It starts
encrypting the data and sends Symmetric Session key using the servers public key.
6. Webserver decrypts the symmetric session key with its private key.
7. Webserver sends back to browser to start the encrypted session.
8. Now your browser and webserver are encrypting all of your data over the internet.

There is lot more to know about SSL..