What Does An SSL Certificate Mean?
A secure sockets layer (SSL) certificate refers to a file hosted within the webpage's origin server, which holds the data that browsers access when you are viewing and interacting with the page. The certificate may be self-signed or signed (issued) by a third party.
How do SSL certificates work?
How do SSL certificates work? An SSL certificate has the website’s public key, as well as information specific to the site’s identity. For transport layer security (TLS)/SSL encryption to work, devices trying to interface with the website need the site’s public key, which identifies the server hosting the site. This is an essential element of the handshake that takes place when your browser connects with a site with TLS/SSL.
What is TLS? TLS is a protocol that uses cryptography to provide a secure connection between applications interacting with each other on the internet. It is a better version of SSL. Without the public key held within the SSL certificate, a TLS-secured connection cannot happen.
What Are the Elements of An SSL Certificate?
An SSL certificate contains crucial information that serves to validate the certificate and associate it with the domain it is designed to help protect.
Domain name
The domain name refers to the name of the website, such as “Fortinet.com” or “Google.com.” A certificate is issued for a specific domain name.
Name of the organization/individual to whom it is issued
This identifies the person or organization that either owns the website or helped set it up.
Issuing authority name
SSL certificates are issued by certificate authorities (CAs). They include the name of the authority that provided the certificate for the domain.
The certificate authority's digital signature
The digital signature of the CA ensures the authority listed as such in the SSL certificate is who they claim to be.
Associated subdomains
An SSL certificate can list subdomains associated with the primary domain. The subdomain comes before the primary domain in the address of a site. For example, in the address “docs.google.com,” “docs” is the subdomain.
Date of issue
This indicates the date the SSL certificate was issued and associated with the domain and subdomains.
Expiration date
The expiration date tells you when the SSL certificate will expire. This is typically one to two years from the date of issue.
The public key
The public key consists of a string of numbers, letters, and characters used in the encryption and decryption of data sent between the site and users' browsers. The data encrypted by the public key can be decrypted using the private key.