What is SSL?

What is SSL?

The Secure Socket Layer (SSL) and Transport Layer Security (TLS) is the most widely deployed security protocol used today. It is essentially a protocol that provides a secure channel between two machines operating over the Internet or an internal network. In today’s Internet focused world, the SSL protocol is typically used when a web browser needs to securely connect to a web server over the inherently insecure Internet. what-is-ssl-video-med.jpg

Technically, SSL is a transparent protocol which requires little interaction from the end user when establishing a secure session. In the case of a browser for instance, users are alerted to the presence of SSL when the browser displays a padlock, or, in the case of Extended Validation SSL, when the address bar displays both a padlock and a green bar. This is the key to the success of SSL – it is an incredibly simple experience for end users.

Read: Heartbleed bug - what you need to know, and our response.

Extended Validation (EV) SSL Certificates (such as GlobalSign ExtendedSSL) display visible trust indicators:

SSL Green Bar

Standard SSL Certificates (such as GlobalSign DomainSSL and OrganizationSSL) display:

SSL Padlock

As opposed to unsecured HTTP URLs which begin with "http://" and use port 80 by default, secure HTTPS URLs begin with "https://" and use port 443 by default.

HTTP is insecure and is subject to eavesdropping attacks which can let attackers gain access to online accounts and sensitive information if critical information like credit card details and account logins is transmitted and picked up. Ensuring data is either sent or posted through the browser using HTTPS is ensuring that such information is encrypted and secure.

In practice, how is SSL used in today’s modern e-commerce enabled / online workflow and service society?

  • To secure online credit card transactions.

  • To secure system logins and any sensitive information exchanged online.

  • To secure webmail and applications like Outlook Web Access, Exchange and Office Communications Server.

  • To secure workflow and virtualization applications like Citrix Delivery Platforms or cloud-based computing platforms.

  • To secure the connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.

  • To secure the transfer of files over https and FTP(s) services such as website owners updating new pages to their websites or transferring large files.

  • To secure hosting control panel logins and activity like Parallels, cPanel, and others.

  • To secure intranet based traffic such as internal networks, file sharing, extranets, and database connections.

  • To secure network logins and other network traffic with SSL VPNs such as VPN Access Servers or applications like the Citrix Access Gateway.

All these applications have a number of shared themes:

  • The data being transmitted over the Internet or network needs confidentiality. In other words, people do not want their credit card number, account login, passwords or personal information to be exposed over the Internet.

  • The data needs to remain integral, which means that once credit card details and the amount to be charged to the credit card have been sent, a hacker sitting in the middle cannot change the amount to be charged and where the funds should go.

  • Your organization needs identity assurance to authenticate itself to customers / extranet users and ensure them they are dealing with the right organization.

  • Your organization needs to comply with regional, national or international regulations on data privacy, security and integrity.

DomainSSL

Fast & Economical

  • $10K warranty
  • 7 Day Refund
  • Delivered in minutes
  • No paperwork needed
Learn More
 

OrganizationSSL

High Assurance SSL

  • $1.25M warranty
  • 7 Day Refund
  • Organization identity included
  • Higher levels of trust
Learn More

ExtendedSSL

Activate the Green
Address Bar!

  • $1.5M warranty
  • 7 Day Refund
  • Highest assurance level SSL
  • Increased visitor trust
Learn More

Multi-Domain & Wildcard SSL

Secure multiple domains and
sub domains on the same server with a single SSL Certificate &
single IP address with Wildcard and Subject Alternative Names (SANs).

Learn More

Not sure which type of certificate is right for you? Compare SSL Certificates and Pricing