SSL certificates – Secure Sockets Layer – create an encrypted connection and establish trust. One of the most important components of an online business is to create an environment of trust where potential clients feel confidence while shopping. SSL certificates create a basis of trust by establishing a safe connection. To ensure a safe connection to users, browsers give visual clues, such as a lock icon or a green bar.
The SSL certificates have a pair of keys: a public key and a private key. These keys work together to establish an encrypted connection. The certificate also has what is called “the subject”, which is the identity of the holder of the certificate/website.
To get the certificate one must ask a Certificate Signing Request (CSR) to their server provider. This process creates a private key and a public key in your server. The CSR data archive that you send to the SSL Certificate issuer (Certification Authority or CA) has the public key. The CA uses the CSR data archive to create a data structure that combines its private key without compromising the key itself. CA never sees the private key.
After receiving the SSL certificate, install your server as an intermediate certificate that establishes the credibility of your SSL Certificate, binding it to the CA root certificate. The instructions on how to install and test your certificate will be different, depending on your server. The most important part of an SSL certificate is that it is digitally signed by a trusted CA, such as DigiCert. Anyone can create a certificate, but browsers only trust certificates that come from an organization that is on its trusted CA list.
Browsers have a pre-installed list of trusted CAs, known as the trusted root CA store.
An SSL Certificate issued by a certificate authority for an organization and its domain/website will verify whether a trusted third party has authenticated the identity of that organization. Since the browser trusts CA, it now trusts the identity of that organization as well.