Today, information security in the worldwide network is one of the most important issues. How to secure your web resource from hacking and leaking information? What is an SSL certificate? What is the difference between HTTPS and HTTP? In this article you will find answers that will be clear even if you do not have any special knowledge.
Secure Sockets Layer (a layer of secure sockets) is a protocol used by a variety of resources to protect information on the Web. Gives the guarantee of a secure server connection to the visitor’s computer. When using SSL, the data is sent in encrypted form via HTTPS, which can be decrypted with a special key. When transmitting over the HTTP protocol, you do not need to decrypt the data. To work with SSL-protocol, you must install the appropriate SSL-certificate.
This is a unique digital signature of the site. It is necessary for all organizations that collect and store personal data in an electronic form on the server to protect transactions and collected information.
The SSL certificate contains:
- data of the certificate holder;
- domain name of the site;
- the address of the certificate holder;
- requisites of the certification authority (CA).
- The site’s signature confirms the ownership of the domain of the operating company, as well as the legality of using the secret key.
HTTP and HTTPS: what’s the difference
HTTPS (Hyper Text Transfer Protocol Secure) is an advanced HTTP that uses encryption. The information transmitted over HTTP is added to the TLS protocol and transmitted through port 80. HTTPS by default uses 443 port and an encrypted SSL protocol.
In order for a web server to handle HTTPS connections, it is necessary to install the received certificate on the site. It consists of two parts (keys) – private and public. Public key – encrypts traffic from the customer to the server, and private serves to decrypt the traffic on the server received from the customer. After creating private and public keys in the CA, a query is created based on the public key.
Types of SSL certificates
Domain Validation. Certificates with domain control. Have an initial level of protection, the most popular in the world. Certificates are issued within 5-10 minutes. Do not require supporting documents. Suitable for small sites and projects.
Business Validation. Certificates with company verification. Used by organizations that care about the trust of customers. The CA performs more serious checks, including requiring the submission of company documents and calling the organization before issuing the certificate.
Extended Validation. Certificates with extended verification, provide the site with a green address bar. Most often found in financial institutions, online systems with a significant number of visitors.
Wildcard. Certificates with support for subdomains. Are able to protect all subdomains on any number of servers.
Confirm domain ownership
Regardless of the type of certificate chosen, you must confirm ownership of it. This can be done in many ways.
by email. The CA sends a letter containing a link to confirm the domain. The letter can be sent to the mail indicated in your domain or to one of five “golden” addresses: administrator @, admin @, hostmaster @, webmaster @, postmaster @;
using a DNS record. If the mail server is configured, private registration restricts mail to Whois. You need to create a DNS record, and the CA will test it. The procedure is automatic;
with the help of txt-file. The user is provided with a file that is uploaded to the server. The CA checks its presence on the site. The procedure is automatic.