Best SSL Guide
Introduction to SSL.
SSL stands for Secure Sockets Layer and, in short, it's the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems.
It is an industry standard, used by millions of websites for secure transactions. For example, you can see that our website shows a secure connection (https), which means we are using SSL for it.
The two systems can be a server and a client (for example, a shopping website and a browser) or two servers.
It does this by making sure that any data transferred between users and sites, or between two systems, remains impossible for anyone else to read.
It uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal which can include credit card numbers and other financial information, names and addresses.
TLS (Transport Layer Security) is just an updated, more secure, version of SSL.
We still refer to our security certificates as SSL because it is a more commonly used term.
As the successor protocol to SSL, TLS works in much the same way, using encryption to protect the transfer of data and information.
An SSL certificate is installed on the server side, but there are visual cues in the browser that tell users they are protected by SSL.
Firstly, if SSL is present on the site, users will see https:// at the start of the web address rather than http:// (the extra "s" stands for "secure").
How an SSL Certificate Works.
The basic principle is that when you install an SSL certificate on your server and a browser connects to it, the presence of the certificate triggers the SSL (or TLS) protocol, which encrypts information sent between the server and the browser (or between servers). The previous two blog posts explain how to enable it.
SSL operates directly on top of the Transmission Control Protocol (TCP). It allows higher protocol layers to remain unchanged while still providing a secure connection, so the protocol layers on either side of the SSL layer are able to function as normal.
If an SSL certificate is being used correctly, all an attacker will be able to see is which IP address and port are connected and roughly how much data is being sent. They may be able to terminate the connection, but both the server and the user will be able to tell that this has been done by a third party. However, they will not be able to read any of the information, which makes it essentially an ineffective step.
The hacker may be able to figure out which host name the user is connected to but, crucially, not the rest of the URL. As the connection is encrypted, the important information remains secure.
Step-by-Step Procedure of How SSL Works.
Step 1: SSL starts to work after the TCP connection is established, initiating what is called an SSL handshake.
Step 2: The server sends its certificate to the user along with a number of specifications (including which version of SSL/TLS and which encryption methods to use).
Step 3: The user then checks the validity of the certificate, selects the highest level of encryption that both parties can support, and starts a secure session using these methods. Many sets of methods with various strengths are available; they are called cipher suites.
Step 4: To guarantee the integrity and authenticity of all messages transferred, the SSL and TLS protocols also include an authentication process using message authentication codes (MACs). All of this sounds lengthy and complicated, but in reality it's achieved almost instantaneously.
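Step 4 as an added example (not from the original post): a sketch of the record integrity check in the style of the TLS 1.2 HMAC cipher suites, showing a modified record and a replayed record being rejected. Encryption is left out, and the key, class names and sample records are constructed for illustration.

```python
import hashlib
import hmac
import struct

APPLICATION_DATA = 23   # TLS record content type for application data
TLS12 = (3, 3)          # TLS 1.2 version bytes as they appear on the wire


def record_mac(mac_key, seq_num, content_type, fragment):
    """TLS 1.2 record MAC: HMAC over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type, *TLS12, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


class Sender:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0

    def protect(self, fragment):
        tag = record_mac(self.mac_key, self.seq, APPLICATION_DATA, fragment)
        self.seq += 1            # every record gets the next sequence number
        return fragment, tag


class Receiver:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0

    def accept(self, fragment, tag):
        expected = record_mac(self.mac_key, self.seq, APPLICATION_DATA, fragment)
        if not hmac.compare_digest(expected, tag):   # constant-time comparison
            return False         # a real endpoint sends bad_record_mac and closes
        self.seq += 1
        return True


def demo():
    key = bytes(range(32))       # constructed key; real keys come from the handshake
    sender, receiver = Sender(key), Receiver(key)
    rec1 = sender.protect(b"amount=10&to=alice")   # constructed sample records
    rec2 = sender.protect(b"amount=20&to=bob")
    return {
        "intact": receiver.accept(*rec1),
        "tampered": receiver.accept(b"amount=90&to=bob", rec2[1]),
        "replayed": receiver.accept(*rec1),
        "next_in_order": receiver.accept(*rec2),
    }


if __name__ == "__main__":
    print(demo())
```

Because the sequence number is part of the MAC input, a record that is replayed or delivered out of order fails the check just like one whose contents were changed.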
Thank You !
Happy Learning !!!