SSL certificates encrypt the connection between a visitor's browser and your website, and verify your website's identity to visitors. This article explains what SSL certificates do and how the underlying encryption process works.
What SSL certificates do
An SSL certificate serves two main roles:
- Encryption. It encrypts data passed between a visitor's browser and your web server, so sensitive information (like login details or payment data) can't be intercepted in transit.
- Identity verification. It confirms your website's identity to visitors, at a level that depends on the certificate's validation type — domain validation, organization validation, or Extended Validation (EV), which displays your organization's verified name in the browser. For details on each level, see What Are the Validation Methods?
How SSL works
When a browser connects to a website secured with SSL, the browser and server perform a brief handshake: the server presents its SSL certificate, the browser verifies it against a trusted certificate authority, and the two establish an encrypted connection. Once this handshake completes, all data exchanged between the browser and server is encrypted.
Next steps
- Review the validation methods to understand what each certificate type verifies — see What Are the Validation Methods?
- Compare SAN and wildcard certificates if you need to secure multiple domains or subdomains — see SAN vs. Wildcard Certificates: What's the Difference?
Questions? Contact Ascio Support.
How helpful was this article?
Thanks for your feedback!
Do you still need help? If so please submit a request here.