Using SSL certificates

Secure Sockets Layer (SSL) is a protocol that is used to transmit private documents through the Internet. SSL creates a secure connection between a client and a server over which any amount of data can be sent securely. SSL works by using a private key, known to the client browser to encrypt data transferred over the SSL connection. This encrypted data is then decrypted by the private key present on the Web server, where the SSL certificate is installed. The addresses (URLs) of Web pages that require an SSL connection start with https rather than the conventional http.

If your site stores sensitive data, such as customer profiles or if you are using your site for e-commerce, you should secure your site. To secure a site, you need to obtain a Secure Sockets Layer (SSL) certificate from a Certificate Authority.

Obtaining a SSL certificate is a three-step process:

1. Generating a SSL certificate request.

2. Sending the request to a Certificate Authority.

3. Assigning the certificate to your Web site.

You can choose to self-generate a SSL certificate; however, the self-signed certificate can give Web users a lower sense of security.

To obtain a proper certificate, you must send the generated certificate request to the Certificate Authority (CA). The CA will send you a SSL certificate, usually through email. Once you receive the certificate from the CA, you can install/assign the certificate to your Web site.