What is an SSL certificate?
SSL Protocol and SSL Certificate
The SSL protocol can be used for encrypting the connection only if desired, but it also allows for reliable user authentication.
Both establishing an encrypted connection and user authentication are based on asymmetric encryption, where two different keys are used for encrypting and decrypting the message. One key is private, and the other is public, which is why it is referred to as the public key method. For actual communication encryption, a symmetric method is used, and the key is sent to the other party encrypted with the recipient's public key.
For user authentication, in addition to the public key, a certificate (SSL certificate) is required. This certificate is a digitally signed proof by a trusted certificate authority that a specific public key belongs to a certain individual or server.
To authenticate to a secure service, the user sends their certificate to the server along with a message signed with the private key. By decrypting this message with the public key found in the certificate, the server confirms that the user also possesses the private key. Similarly, the user can verify the authenticity of the server based on the certificate sent by the server.
In an SSL-protected connection, the browser usually displays a padlock or similar icon on the address bar, and the URL starts with "https://" instead of the usual "http://".
In addition to providing a secure connection, search engines like Google tend to favor websites that use HTTPS in their search results.