A business that thrives on its websites needs to draw traffic. And traffic will not follow if the website cannot be trusted. How can you make your website, essentially your web server, trustworthy? In the real world, if an authority certifies that you are trustworthy, the public will trust you. The scenario is the same in the virtual world. The authority that verifies your identity and certifies you is called Certificate Authority (CA).
Establishing trust requires you to ensure the security of people’s information that passes through the browser to your server. You have to ensure that your web server is highly secure. Next, you will have to acquire a certificate authenticating the transactions done through your website. These things are handled by a technology called Secure Sockets Layer (SSL).
SSL facilitates secure and smooth transactions between a browser and a web server. Websites who want to establish trusts and credibility of their business in the virtual world go for this technology. An SSL certificate certifies your websites as legitimate and trustworthy. SSL.com describes how this certification works:
(Source) Typically an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site it will retrieve the site’s SSL Certificate and check that it has not expired, it has been issued by a Certification Authority the browser trusts, and that it is being used by the website for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL.
We’ll discuss the SSL technology in detail in one of our following posts.