How does SSL encryption actually work?
An SSL Certificate is a piece of code called a digital computer file which serves a dual function. Namely, Site Authenticity and Verification, as well as Encryption of the Data being transferred between your browser and that website.
Theoretically it is similar to locked doors being opened with the appropriate key. Encryption is similar, in that the ‘key’ becomes a piece of code for you to unlock the information that you are trying to access.
Each SSL session has 2 Keys
Public Key: This is used to encrypt the information and make it unreadable.Private Key: This is used to decrypt the encrypted information into a readable format again.
The Process:Each individual SSL Certificate is for a specific server and website domain. When the website is accessed, the SSL Certificate code acknowledges it via a 'handshake' between the browser and the server. When it has been accepted, the encrypted information is now decrypted and displayed in the browser. The key that has been generated is only applicable to that session on that browser.
The browser will display a padlock in the address bar, when displaying an SSL certified website. When clicking on the padlock icon, it will display additional information about the SSL Certificate, for example:
- the domain name
- the period of validity
- the Certificate type
- the issuing Certification Authority