SSL Certificates, as known as digital certificates, are small data files that digitally bind a cryptographic key to an organisation’s details. Certificates are issued to companies or legally accountable individuals, SSL Certificates typically bind together domain name/server name/hostname, organisational identity (i.e. company name) and location. It will also contain an issued date and an expiry date and contain details of the certificate authority responsible for issuing the certificate.
An organization needs to install the SSL Certificate onto its web server to initiate secure sessions with browsers. Depending on the type of SSL Certificate applied for, the organization will need to go through differing levels of vetting. Once installed, it is possible to connect to the website over HTTPS, as this tells the server to establish a secure connection with the browser. When a browser connects to a secure site it retrieves the site's SSL certificate and checks that it has not expired, that it has been issued by a Certificate Authority the browser trusts and that it is being used by the web site for which it has been issued. If it fails on any one of these checks the browser will display a warning to the end user. Once a secure connection is established, all web traffic between the web server and the web browser will be secure. Browsers tell visitors a website is SSL secure via several visible trust indicators:
Extended Validation (EV) SSL Certificates display:
Standard SSL Certificates display:
A: The standard HTTP is changed to HTTPS, automatically telling the browser that the connection between the server and browser must be secured using SSL.
B: The address bar turns from white to green, indicating to visitors the web site is using Extended Validation SSL.
C: The padlock is activated, showing that the browser connection to the server is now secure. If there is no padlock or the padlock shows a broken symbol, the page does not use SSL
D: The web site owner's legally incorporated company name is displayed prominently on the address bar real estate. Extended Validation SSL is the only way for a company to get its name displayed in the browser address bar.
To view the details of an SSL Certificate, go to a HTTPS site, click on the padlock and select "View certificates". All browsers are slightly different, but the Certificate always contains the same information.