Use our handy SSL jargon-buster to help explain all the SSL terminology.
SSL Certificate means Secure Sockets Layer Certificate, which is used to encrypt data transmitted (secure SSL transactions) between a browser and web server (and vice versa).
The SSL protocol was developed by Netscape and is supported by most major web browsers such as Internet Explorer, Netscape, AOL and Opera. A SSL certificate issued by a certification authority must be installed on the web server before SSL can function. The URL’s ‘http’ changes to ‘https’ and displays a small padlock icon on most browsers, to indicate that you are on a SSL secured webpage. Clicking on the padlock icon, will display that site’s SSL Certificate.
TLS Certificate means Transport Layer Security Certificate. The TLS protocol is designed to one day supersede the SSL protocol, however, currently very few websites are actually using it.
HTTPS is the acronym for Hyper Text Transfer Protocol Secure. Should a website have their own SSL Certificate on their web server, then the http:// part of their website’s URL will change to read https://, which indicates that the connection will be secured and encrypted.
Domain Validated SSL CERTIFICATE
A Domain Validated SSL Certificate, validates the actual website domain name, rather than the domain name’s owner. The Certificate Authority (CA) checks the right of an applicant to use a specific domain name. This information can be viewed when the Secure Site Seal is clicked by the website’s visitor.
Organization Validated SSL CERTIFICATE
An Organization Validated SSL Certificates, validates the actual website domain name, PLUS some of the company information. The Certificate Authority (CA) runs checks on the company to ensure they are a legal operating company. This additional information can be viewed when the Secure Site Seal is clicked by the website’s visitor.
Extended Validated SSL CERTIFICATE
An Extended Validated SSL Certificate offers the highest industry standard for authentication. The CA performs an in-depth audit of the company applying, and this is done on an annual basis to ensure information integrity.
An EV SSL Certificate provides the best level of customer trust available on the web. When visiting an EV SSL website, the address bar becomes green on the few web browsers that can see high security certificates, e.g. Google Chrome and Internet Explorer. It also displays a field with the name of the legitimate website owner, as well as the name of the security provider that issued the EV SSL Certificate.
A public Certificate Authority verifies the potential certificate owner’s information with a Registration Authority and works within a public key infrastructure. A Certification Authority can also be a network entity that manages and issues digital certificates for data encryption, through security credentials and public keys.
A SSL Certificate may only be issued once the purchaser’s information has been verified by the RA.
GREEN ADDRESS BAR
The Green Bar, Green Address Bar, or Green Browser Bar provides a visual display to customers that the website they are on, is secured with an EV (Extended Validation) SSL Certificate. High security browsers, such as Internet Explorer and Google Chrome, recognize Extended Validated secured websites by turning the URL address bar green.
256 BIT SSL ENCRYPTION
256 Bit SSL Encryption is a higher form of encryption key than the 128-bit size, and affords stronger security. The 256 Bit indicates that the size of the encryption key used to encrypt the data being passed between a web browser and web server is 256-bits. This enables it to be computationally unfeasible to crack and hence is known as strong SSL security.
CSR is short for Certificate Signing Request. The first stage of applying for a SSL Certificate is to create a CSR on your web server. There is certain company and website information that is required to output a CSR file. This file will be needed when you apply for your SSL Certificate.
SSL KEY / PRIVATE KEY
The SSL Key, also known as a Private Key, is the secret key associated with an SSL Certificate and should reside securely on a web server. When creating a CSR the server will also create a SSL Key. When a SSL Certificate has been issued, it needs to be installed on the web server, which marries it the SSL key. As the SSL key is only ever used by the web server it is a means of proving that the web server can legitimately use that SSL Certificate.
The SSL Handshake is the term given to the process of communication between the browser and web server when setting up a SSL session.
The SSL handshake requires the browser receiving the SSL Certificate, to send a ‘challenge’ data request to the web server. This enables it to cryptographically prove that the server holds the SSL key associated with that particular SSL Certificate.
Should the cryptographic challenge be successful then the SSL handshake is completed and the server will hold a SSL session with the browser. During this session any data transmitted between the server and the browser will be encrypted.
SSL PORT / HTTPS PORT
A SSL port, or an HTTPS port, is the port assigned on a web server specifically for SSL traffic. The industry standard port used is port 443 - most networks, firewalls, etc. expect port 443 to be used for SSL. The standard port used for non-secure http traffic is port 80.
A Wildcard SSL allows for the unlimited use of different sub domains on the same domain name. This enables a hosting company to share a single SSL Certificate over multiple websites without the need to issue individual SSL Certificates to each hosting customer. The wildcard certificate allows an organisation to have secure multiple sub domains within its enterprise network. (example, www.domains.co.za and shop.domains.co.za)