0 votes
in Web Hosting by

What is a security certificate?

1 Answer

0 votes
by

To understand a security certificate, you first have to understand Public Key encryption.

Public Key encryption works like this: there are two “keys” — a key is a very long string of seemingly random data that is used as a value in an encryption formula. One key is Private, known only to one party (in this case, the website owner). The private key has a “matching” Public key, which is published and available for anyone to use.

A message can be encrypted using the Public Key, and it can only be decrypted with the Private Key. This way you can send sensitive data securly, and only the one who is supposed to get it will be able to decrypt it.

The other interesting thing is that you can encrypt data with the Private key, and only the Public key will be able to decrypt it. This may seem meaningless — if the Public key is Public, then anyone can read the message. That’s true, but this accomplishes something more important: it verifies that the message was in fact sent by the party who who says they sent it — only the owner of the Private Key could encrypt the data this way. (This is called “signing.”)

When you use HTTPS, you are communicating with a website via a series of encrypted messages. Your messages are sent encrypted via the Public Key (ensuring only the website gets your data) and responses from the web server are sent signed by the Private Key (ensuring that they are authentic).

So what does the SSL certificate have to do with this?

Once you are certain that the Public Key you are using belongs to the website that you are visiting, and that the website is trustworthy, the rest of the process is secure. But the Public Key doesn’t guarantee identity by itself — a malicious agent could create a fake Public Key and send it to site visitors, and intercept data between site and visitor.

You need some way of verifying that the Public Key is the right one, that it authentically identifies the correct party.

This is what an SSL Certificate does — it certifies the identity of the Public Key.

Related questions

0 votes
asked Oct 2, 2020 in Web Hosting by DavidAnderson
0 votes
asked Oct 2, 2020 in Web Hosting by DavidAnderson
...