Home >SSL

Protect Your Site

Secure Socket Layer (SSL)

What is SSL?

SSL (Secure Socket Layer)/ TLS (Transport Layer Security) - successor of SSL and most widely deployed, is an internet security protocol that allows two communicating applications -Client-Sever -to exchange data securely through an unsecure network i.e. internet or any other third party network.

SSL is used by internet browsers and Web Servers to transmit sensitive information securely. Transmitting sensitive information like credit card details and account logins over unsecure internet (HTTP connection) gives attackers the chance to eavesdrop and manipulate this critical information leading to identity theft and many such attacks. SSL provides two essential security measures to the internet users enabling HTTPS connection. One is privacy of the users valued data in transit establishing an encrypted channel between the client and the server. The other one is authentication of the server using SSL certificate, so that the user can be assured of that he/she is connecting and communicating with the right server.

What is SSL Certificate?

Servers that support SSL and TLS must have certificates issued to them by a trusted CA or Certifying Authority. Though TLS is now widely deployed, the naming convention remains SSL certificate rather than being referred as TLS Certificate.

An SSL Certificate is a small data file issued by one of a limited number of Trusted CAs that digitally binds a cryptographic key to an organization corporate detail. Such details can include domain, server or host name, company name and location and in some cases organizational contact details. SSL Certificate is used to verify that the Web site is indeed what it claims to be. In order to issue SSL certificate, Dohatec CA asks for some specific information to the website owner to verify the rightful ownership of the website through a stringent process.

Organizations need to install the SSL Certificate onto their web servers to initiate SSL sessions with browsers. Once a certificate is installed it is possible to connect to a website according to SSL protocol, as this tells the server to establish a secure connection with the browser. Once the secure connection is established all web traffic between the server and browser is secure.

End users experience the presence of SSL when connecting to a secure site by having https in the address bar and a yellow padlock across the address bar of the browser. These security indications create trust in end customers and they may send any confidential information to that site without any fear of being hacked.

Root Strength, Key Strength and Encryption Strength

Root Strength of SSL Certificate is the strength of the cryptographic key used to issue the SSL Certificate. Dohatec CA issues SSL Certificate with 2048 bit root strength which is in compliance with the NIST ((National Institute of Standards & Technology) recommendation that it is not acceptable to use cryptographic keys less than 2048 bit from 2011.

The protection strength of SSL Certificate depends on the private key used to authenticate the servers. In compliance with NIST, it is secure to use SSL Certificates with 2048 bit private key for all servers, which will stay secure for next 10 years or so. Dohatec CA issues SSL Certificates with 2048 bit key strength.

Encryption Strength is the strength of the encrypted channel established between the browser and the server when the connection is over https (SSL enabled). SSL Certificates issued by Dohatec CA support the highest available encryption strength which is 256 bit encryption.