What is an SSL certificate?
The Internet for us has long played an important and critical role in our existence. We use it not only to communicate and share knowledge - we buy things on the Internet, we make deals, we conclude contracts and so on. Quite often, the information sent is sensitive or confidential.
As in everyday life, there are always those who want to access this kind of data, change the payment details or intercept the passwords from our social network accounts. Here, the concept of "encryption" comes to our aid, that is, the generation of a key, with which you can encrypt data and decrypt it back.
An SSL certificate is a digital signature designed to ensure the security of an encrypted connection between two nodes, such as a computer and a server.
SSL certificates come in three types:
-
certificate issued by the certification authority.
-
self-signed certificate.
-
"empty" certificate.
"Empty" is a certificate that contains fictitious or empty information. It is used to debug and configure SSL encryption.
A self-signed certificate is one that was not issued by the Certification Center, and in which the data of the certificate holder coincides with the data of the publisher. It is recommended to trust such certificates only if you understand what resource you are on and who has generated the certificate.
The certificate issued by the certification authority is the certificate that confirms the authenticity of a particular resource. Of course, each resource receives its own certificate undergoing a meticulous verification procedure.
There are a number of certification centers whose honesty is undeniable. Their public key is widely known, and it is these centers that use the digital signature to verify the authenticity of the certificates issued.
In practice, it looks like this:
Each browser stores information about which certification centers are trusted, that is, the electronic signature of which certification center is valid. When a site is opened using the HTTPS protocol, when checking the SSL certificate, the electronic signature signed by the certificate is compared with the known browser.
If the signature has passed the verification - the certificate is considered trusted, meaning the resource has passed the verification. In this case, the lock bar displays the lock, the sign of the encrypted connection, and by clicking on it - you can get information about whom the certificate is issued to.