SSL

SSL (Secure Sockets Layer) is the standard security technology to encrypt a connection between a web server and a browser.

All data passed between the web server and browsers remain private.

SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

HTTPS and the little padlock

Sites which are secured by SSL will usually begin with the HTTPS protocol. Visitors to sites secured with SSL should also see a small padlock displayed in the browser to indicate the site is secure.

Certificate required

To create an SSL connection a web server requires an SSL Certificate. Webmasters are asked questions about their website, their business, and their identity, and this information is used to create two cryptographic keys – a Private Key and a Public Key.

The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) – this is a file, and it also contains the details provided.

The CSR is then submitted to a Certification Authority.

During the SSL Certificate application process, the Certification Authority validates details and issues an SSL Certificate containing these.

Web servers match the issued SSL Certificate to the Private Key, and can then create an encrypted connection between the website and visitors’ web browsers.

SSL Certificates are issued to either companies (legal persons) or legally accountable individuals.

Information in SSL Certificates

Usually, an SSL Certificate contains domain name, company name, address, city, state and country.

It also contains the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate.

What happens when browsers connect

When a browser connects to a secure site it retrieves the SSL Certificate and checks it has not expired; it has been issued by a trusted Certification Authority; and that it is being used by the website for which it has been issued.

If it fails on any one of these checks the browser will display a warning to the end user letting them know that the site is not secured by SSL.

Let’s Encrypt

There are different Certification Authorities available, and different levels of security certificate – up to and including “Green Bar” Extended Validation (EV) certificates, (which are more complex and involve more vetting) – but for most purposes, Let’s Encrypt provide free certificates, which are trusted by major browsers, and Silicon Dales recommends them.

Relaunch: Constable Burton Hall Caravan Park

Last week, saw the relaunch of a long-standing client site, as Constable Burton Estate had us rebuild their Constable Burton Hall Caravan Park website in a mobile friendly, responsive, WordPress skin. The website includes a WooCommerce accommodation booking system, which allows guests to register online for stays at the caravan Park. This booking system is …

Read more

Halloween Offer from Silicon Dales: 20% off Security Certificate Installation (HTTPS)

Keep your WordPress website visitors happy and help your search rankings too, by making sure your site security certificate is installed and working.

Installation can be tricky, so if you’re seeing mixed content warnings, or don’t know where to start, book Silicon Dales today for SSL Certificate Installation, and get 20% off as part of our Halloween offer.

Simply enter the code “HALLOWEEN20” at checkout and let us know your preferred time to be contacted. Once booked, an expert developer will then be in touch to arrange the necessary credentials to begin setup.

Read more

How to Customize Your PayPal Checkout with Your Logo

If you use PayPal as a checkout, either on its own, or with other payment gateways and providers, in your online shop, or auction, chances are you’ll want to customise the look and feel of your checkout yo provide your customers with a more seamless transaction process. This tutorial will help if you use the …

Read more