The basics of web security
SSL certificates use something called public key cryptography. It’s scary but it’s simpler than you think. This particular type of encryption exploits the power of two keys which are nothing more than long strings of numbers generated randomly. One is called a private key and the other is called a public key. A public key is known to the server and is available in the public domain. It can be used to encrypt any message. If Paola is sending a message to Giovanni, for example, she will lock it with Giovanni’s public key, but the only way to decrypt it will be by unlocking it with Giovanni’s private key.
Giovanni is therefore the only one who has his private key, so Giovanni is also the only one who can use this key to unlock Paola’s message. If a hacker intercepts the message before Giovanni unlocks it, all he gets is a cryptographic code that he can’t crack, even with the power of a supercomputer. Simple isn’t it? It’s actually a bit more complex than that but we wanted to be very clear on the process of operation.
Let’s translate this example into terms of a website where communication takes place between a website and a server. Your website and your server are Giovanni and Paola.
Why do I need an SSL certificate?
SSL certificates protect your sensitive information such as credit card information, usernames, passwords etc. Furthermore:
- Keep data safe between servers
- Increase your ranking on Google
- Build / increase customer trust
- Improve conversion rates
In a nutshell, this means having a secure site and a more trusting relationship with your customers.