• An SSL Certificate enables encryption of sensitive information during online transactions.
• Each SSL Certificate contains unique, authenticated information about the certificate owner.
• Every SSL Certificate is issued by a Certificate Authority that verifies the identity of the certificate owner.

You need SSL if...

• …you have an online store or accept online orders and credit cards.
• …your business partners log in to confidential information on an extranet.
• …you have offices that share confidential information over an intranet.
• …you process sensitive data such as address, birth date, license, or ID numbers.
• …you need to comply with privacy and security requirements.
• …you value privacy and expect others to trust you.

Public and Private Keys to Privacy
An SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a Web browser points to a secured domain, a Secure Sockets Layer handshake authenticates the server (Web site) and the client (Web browser). An encryption method is established with a unique session key. They can begin a secure session that guarantees message privacy and message integrity.

Authentication Practices
Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver’s license, an SSL Certificate is issued by a trusted authority, the Certificate Authority (CA). When the SSL handshake occurs, the browser requires authentication from the server. A customer sees the organization name when they click certain SSL trust marks (such as the Secured™ Seal) or use a browser that supports Extended Validation. If the information does not match or the certificate has expired, the browser displays an error message or warning.

The Web’s Most Trusted Security Provider
SSL helps you deliver a secure and convenient way for your customers to interact with you over the Internet.

Protect Your Customers’ Trust
Without SSL encryption, packets of information travel through networks in full view. Imagine sending mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might take it or change it. Without third-party verification, how do you know a Web site is really a business you trust? Imagine receiving an envelope with no return address and a form asking for your bank account number. An SSL Certificate helps Web site visitors protect sensitive information and get a better idea of who they are trusting with it.

An Internet without SSL: Complete Chaos
For explanation purposes, a good comparison of the communication between computers on the Internet is to relate it to a telephone conversation between two people.

Who are you speaking with?
In a phone conversation, what can you do to ensure the person who picks up the phone on the other line is really the person you intended to call. If you have never spoken to them before, this is increasingly difficult. What if the phone call is answered by an imposter, trying to fool you into thinking they are the person you are attempting to contact.

Is Someone Listening to Your Conversation?
It is very easy to tap phone lines and have conversations monitored for an extended period of time with no detection. The Internet is no different. What if someone was tapping and recording your Internet usage, capturing your passwords, social security numbers, bank account numbers, credit card information, and confidential documents. Without encryption, the Internet would be an unusable resource today.

Two very real security issues for Internet correspondence arise.
1. Being sure you are connected to the right computers; are you really on your bank's website or is it a phisher's scam website?
2. Keeping your data safe and out of malicious hands during transit on the Internet.

SSL Details>
SSL technology relies on the concept of public key cryptography to accomplish its tasks. In normal encryption, two communicating parties each share a password or key, and this is used to both encrypt and decrypt messages. While this is a very simple and efficient method, it does not solve the problem of giving the password to someone you have not met or trust. In public key cryptography, each party has two keys, a public key and a private key. Information encrypted with a person?s public key can only be decrypted with the private key and vice versa. Each user publicly tells the world what his public key is but keeps his private key for himself.

How SSL Works: Obtaining an SSL Certificate

Almost any service on the Internet can be protected with SSL. WebMail, Control Panels, POP, IMAP, SMTP, FTP and more are a few of the many applications for SSL Certificates. Company Inc., intends to secure their customer checkout process, account management, and internal employee correspondence on their website, company.com.

Step 1: Company creates a Certificate Signing Request (CSR) and during this process, a private key is generated.

Step 2: Company goes to a trusted, third party Certificate Authority, such as SSLCertificatesShop.com . UkrainianVerificationCenter.com takes the certificate signing request and validates Company in a two step process. UkrainianVerificationCenter.com validates that Company has control of the domain company.com and that Company is an official organization listed in public government records.

Step 3: When the validation process is complete, UkrainianCertificationCenter.com gives Company a new public key (certificate) encrypted with Company's private key.

Step 4: Company installs the certificate on their webserver/s.