SSL/HTTPS/TLS is a common term you see come up a lot these days, with in many cases it's even mandatory. In this article, we explain all about SSL/HTTPS/TLS and why you really need it!
SSL is a common term these days. You will no doubt have come across it while surfing, emailing or apping and asked yourself what exactly it is and what it is used for and why it comes up so often these days. In this article, we’ll explain all about SSL!
SSL is a technique used to a connection between two computers or devices secure and fully encrypted to set up.
In short, it ensures that the connection between both devices is encrypted and that if you intercept the traffic you will only see encrypted text and not plain text.
If you don’t do this, then someone intercepting the connection can really see everything that is sent over the line.
Suppose you log in via a connection without SSL to your online bank with your username and password, then this data is sent plain over the Internet connection. So if we were to intercept the connection, we would see your username and password exactly, and we could save it and use it to log in ourselves.
Once you connect to SSL, all the text you enter and send over the connection is fully encrypted and cannot be decrypted by anyone intercepting it. This makes the data passing over the line unusable and makes the connection considerably more secure!
SSL comes with a whole load of additional terms you’ll see passed around the Internet. In the end, most of it is simply part of the SSL technique, but is just a different way of encryption or of how SSL works, for example.
You will often see HTTPS in conjunction with a Web site. It ensures that the connection between your computer, tablet or smartphone and the website you are visiting is SSL-enabled and thus secure.
HTTPS stands for: “Hyper Text Transfer Protocol Secure.”
You can check if your website has HTTPS by looking at the lock icon in the address bar of your Internet browser. If there is a lock, as in the picture below, it means that the connection between you and the website has HTTPS security.
TLS is a newer version of HTTPS / SSL and features some fixes for security issues that came to light in previous SSL protocols.
So again, it is just a little more secure, new and better built than the older SSL protocols.
TLS stands for: “Transport Layer Security.”
Below we have listed all SSL and TLS versions.
Now that we’ve talked about SSL, HTTPS and TLS, you know what it is, what it’s for and what it can do. An SSL certificate, in this case, is an add-on to make SSL / HTTPS work properly.
An SSL certificate contains data about the website/app/software you are connecting to, such as the domain name, the certificate holder, the name of the authority and the country in which the certificate was issued. So it really is a certificate that shows that the applicant is a secure party.
With the paid EV certificates, the company behind it is really checked and you can be sure that you set up a secure connection with the company and not with another party.
The applicant of the SSL certificate gets a private key (secure key) and a public key that belong to the unique SSL certificate. The SSL certificate is placed on, for example, a website or an app.
Once you surf to the website, your browser downloads the public key. This is matched with the private key that is stored securely on the server where the website is located. If they match, if they pass the certificate check, a more secure connection will be established and you will see the padlock icon in your browser.
From that moment on, the connection between you and the server is secure. If the public key does not match the private key and the certificate, or the certificate has expired for example, you will receive a large error message. This error message indicates that the connection is not secure and clearly shows that it is not advisable to continue.
It ensures at all times that the data exchanged between the visitor and the website are equipped with the highest encryption and therefore secure.
You do not get unsafe messages in Internet browsers and thus do not scare off visitors. As soon as you do not have an SSL / HTTPS certificate you will get a big error message in the internet browser.
All sensitive information is sent securely, so no data can leak through the connection between the visitor and the website.
SSL gives confidence. Because you get to see a green lock, visitors know that they are on a secure url and that gives confidence.
SSL is good for SEO and makes your website grow faster. A site that has a secure SSL / HTTPS connection will grow faster in Google than one that does not.