When you view a website, the communication between you and the end web server pass through many other companies
and possibly servers. It is possible for others to watch this traffic and capture anything you type. Therefore,
to prevent this, the web server can communicate using Transport Layer Security (TLS) and its predecessor, Secure
Sockets Layer (SSL).
When you attempt to fetch a webpage from a HTTPS URL, your client and the server use a combination of a public
and private key to encrypt and decrypt the data. Both of these are kept on the server and the client will fetch the
public key and encrypt any data sent with this. The client encrypts data to be sent and decrypts data received
using the public key and the server decrypts data received and encrypts data sent with the private key (which is
never disclosed - hence the name).
On the server you effectively generate both, however, even though communications are encrypted, there is no
way to be sure you really are talking to the site you think you are. For example, it is possible you could
be suffering from arp poisoning or static IP addresses entered into your hosts file or your router. Therefore,
the website owner will have the certificate signed by a trusted external company. This is done by generating
a Certificate Signing Request and passing
this to a company such as Verisign, Thawte or one of the other companies trusted by your browser.
It is worth mentioning that SSL certificates are not just used by web browsers. Other systems also use them
to guarantee they are talking to the correct server. A good example is VoIP where exchanging your user login
details to a fake server could cost you thousands in phone bills. A common abuse of VoIP is to crack another
user and then make multiple phone calls to a high cost Premium rate number until the user's credit runs out.
Bookmark on del.icio.us
We hope the 'SSL Certificates' tool helps. If you have any suggestions, please contact us
We're hoping soon to bring some pages on
web design services,
For a more local simpler tool try US domain name generator
or UK domain name generator