SSL certificates

sphericalcat · 9 Dec 2009 at 08:41

er... I feel really daft asking this... What is an SSL certificate?

Coldzero · 9 Dec 2009 at 09:07

Essentially a piece of data a few kb's big, which is assigned to a particular server and which is digitally signed by a trusted Certificate Authority (Such as VeriSign). They are used in establishing SSL (Secure Socket Layer) connections which basically encrypt information you send to a website.

sphericalcat · 9 Dec 2009 at 16:33

Ok, so it is essentially an encryption key and a kind of "passport" provided by some third party, right?

When you say it's a assigned to a server, do you mean a domain name or the actual host server? Would I typically need to contact my host to get one?

Thanks.

tntcoder · 9 Dec 2009 at 17:07

The certificate is bounded to a company/domain name. And they use public-key encryption, the companies public key goes on the SSL certificate while the private key is "strongly protected" on the remote server. The certificate is digitally signed by a certificate authority, and is verified as authentic with the CA's public key that's also on the certificate.

X.509 is the certificate standard, and here's what's inside one:
http://en.wikipedia.org/wiki/X.509#Structure_of_a_certificate

You can get one by going to a Registration Authority (these are usually just merged into a Certificate Authority) and VeriSign is one of the most popular. You pay for it whilst they run a few checks to make sure you really are who you say your are, then they will issue you a certificate. Buy here: http://www.verisign.co.uk/ssl/buy-ssl-certificates/index.html or http://www.globalsign.co.uk/ssl/

sphericalcat · 9 Dec 2009 at 19:42

Thank you very much, that's basically the information I was after.