What are Security Certificates, before we jump into this question we need to know the basics knowledge of Internet and Website why is it created and for what purpose this certificates is used for. And how it secured your website from the scammer.
What is Internet?
The internet is often depicted as this cloud illustration but inside the internet is actually just a bunch of different routers that are handing data off to one another on either side of the internet is you and who you are speaking to.
All of these routers are owned by different ISPS which stands for internet service provider these ISPS are in charge of maintaining these routers which are going to hand data off to one another.
So when you are trying to speak to something on the other side of the internet you are putting data on the wire which is then going to be handed off from router to router owned by different ISPS all the way across the internet before it arrives to the other side the point.
As soon as you put data on the wire you no longer have control over what happens to that data that data is literally in the hands of all these different ISPS as it’s passing across the internet.
Now most commonly on the internet the type of data that is transferred through websites. Meaning this server could be the web server in charge of hosting the site.com.
What is Website?
Well a website is something written in html which stands for hypertext markup language and transferred in http which stands for hypertext transfer protocol.
For Example, HTML page is simply text with different tags and different content that is meant to be displayed by web browser. And in order for this client to receive a copy of this html page it’s going to have to send an http request which will asking for the page index.html from the host site.com.
This will prompt the web server to respond with a copy of that html page that html page will then be handed from router to router across the internet where it’ll arrive on the client and the client’s.
Web browser will turn that into something that’s a little bit more visually appealing so that is the definition of a website.
HTML & HTTP
HTML & HTTP is an important thing to understand is that no point in this process did any sort of encryption happen. The HTML page is just a text file which is sent across the internet to the other side it might not look like there’s anything too dangerous about anyone in the middle seeing the contents of this particular.
HTTP transfer the websites are not always simply displaying information sometimes they are asking for information like a username or a password or a bank account number or a credit card number.
If the user fills in all these fields that’ll be sent as is across the internet to the other side and anyone in the path will have access to what was sent. This is why most browsers will display an error if you start filling in these text boxes that are meant to be transferred in http.
And this is actually the problem that SSL and TLS are trying to solve what SSL and TLS do is they build a secure protected tunnel across the internet and now with this SSL tunnel the client and the server can share information safely across the internet.
What are security Certificates (SSl & TLS)
SSL stands for secure sockets layer and TLS stands for transport layer security SSL is the protocol Netscape created way back in 1994 in order to bring security to the internet then in 1999.
the IETF took over maintenance of the SSL protocol IETF stands for internet engineering task force and they are responsible for maintaining many of the public internet protocols. And when they took over the SSL protocol they renamed the protocol as TLS that is why there are two different terms.
One of them is the protocol the Netscape created and maintained and the other one is the protocol maintained by the IETF so you can consider both of these terms as referring to the same protocol or more accurately as different versions of the same protocol.
Today the world mostly uses the newer version of the protocol TLS but the older term still persists and people still refer to this as SSL. So typically these two terms are used interchangeably, but we are actually getting ahead of ourselves there’s actually a few different versions of SSL and a few different versions of TLS.
SSL and TLS they create a secure protected tunnel across the internet and understanding the three main use cases of SSL and TLS the first being using https to securely transfer websites and the other two being using an SSL VPN to securely connect to a corporate network or to connect to a public VPN provider to hide your identity.
What is SSL-VPN?
SSL VPN the most common use case for an SSL VPN is for a client to connect to some sort of corporate network the client can build an SSL VPN across the internet. The corporate firewall and now any corporate resources that the client needs to access it can access securely through this SSL tunnel for instance corporate email or corporate databases or files.
Connecting to a Public VPN provider something like Express VPN or Nor VPN or cyber ghost or a bunch of others. These providers allow a client to build an SSL tunnel to their network and now any internet facing traffic that is sent by this client will go through this tunnel into the VPN provider’s network and then out to the actual internet.
What this does is it hides the IP address of the client and potentially makes the client appear like they’re coming from a different location.
Thanks For Reading…
If you found this article useful then don’t forget to share with others also. For more interesting tech articles visit our website: BLOGGSTERS