How does SSL work?

I know this is not a specific question, but I'm reading about this subject for about an hour and can't find any BASIC information about it?

How does SSL work? What's a private and public key? Why do you have to buy a certificate at a company and what's the difference between signing one yourself? What is such certificate anyway?

I've read several websites, the wikipedia info, other threads o开发者_开发技巧n Stack Overflow, but it's very confusing. It seems nobody can explain the BASICS with a simple example. I have to write a small text about the basics of SSL, but everything is very confusing.

First I read a lot of info about public and private keys in SSL, then the next site tells me SSL doesn't use this, but uses a symmetric key (how does this work?)

If anyone got a link to a website which explains the basic concepts of SSL, I would be very happy.

Thank you!

Try reading our introductory article (and some other articles in the same knowledgebase section). But in general it is important to know the basics of cryptography and some PKI before going for SSL. You can't start from scratch and understand SSL in an hour.

I wanted to know the same thing recently. I was pointed towards this podcast. I listened to it twice and it's sunk in.

Check out Security Now Espisode 195 (The SSL/TLS Protocol) at http://www.grc.com/securitynow.htm

It's not a quick answer but this podcast will give you a really good grounding.

Good luck.

SSL (Secure Sockets Layer) encrypt information that website visitors enter on your website.

In order to secure your site, you'll need an SSL certificate.

There are two types of SSL certificates.

1. Self Signed - They can be obtained for free using software like Open SSL. These type of certificates provide encryption, but it's not authenticated like authority-signed certificates.

A website which use a self-signed certificate will show an error message when a user submit information that it has not been verified by an authorized party.

2. Authority Signed - it's not free and have a yearly fee. An authority-signed certificate also comes with a warranty in most cases, which means if the site is compromised, you will be paid for the damage caused up to a certain amount.

You can get an authority signed SSL certificate from any authorized SSL certificate 3rd party.

All data entered by your users will by encrypted and it keeps hackers from seeing private information like credit card and banking information, even social media postings.

Having your site secured, makes customers feel secure and comfortable entering personal information.

I hope this answer your question.

Regards Marietha