An SSL certificate is issued by a certified certification company on the Internet. It proves that you are who you say you are.
A normal procedure when applying for an SSL certificate is similar to a credit check in many ways. Your company will be searched at companies house, a letter may be sent to verify your address, and domain names may be checked to ensure the details of the owner match your details. It can be a bureaucratic process, and time consuming.
Whichever method is used to verify your identity, once you have your SSL certificate you can use it online in a few different ways. A company would typically use their SSL certificate in one of three different scenarios.
Your SSL Certificate is your passport on your Internet. In the wild expanse of the world wide web having your own ID is often critical.
E-Commerce Website (HTTPS)
The most common is on a web site, especially an e-commerce website where money is changing hands. Your website has an SSL certificate installed on it. With booming trends in Internet fraud, it remains vital for professional companies to prove who they are. Most Internet users have become security conscious and not submit their private details on the web unless they know that the information they provide is securely transmitted and not accessible for anyone to view.
Once a SSL certificate is installed onto your website you are able to use the HTTPS protocol. The “S” in HTTPS stands for secure. Everyone visiting your website can clearly see that it is secure as browsers such as Internet Explorer and Firefox display a padlock icon to indicate that the website is secure, as it also displays https:// in the address bar.
Once installed your web server can encrypt content sent between your web server and your customer. The encryption is typically 128 bit, and is used for electronic payment transactions.
Secure Email (TLS)
One day all email will be sent this way.
It is becoming increasingly common, especially amongst businesses in the Finance sector, for businesses to accept email only if it can be proved who it is from and only if it has been encrypted as it transverses the Internet.
In order to achieve this your email server must be installed with an SSL certificate.
Want to know more? Click here
Remote Email Access (Active Sync)
Windows Mobile, Google Android and iPhones can all be configured to connect to your email server and synchronise messages, calendars and contacts. The most optimum configuration is to configure your email server with a SSL certificate. It allows messages to be synchronised to the handset in an encrypted format, but it also allows that handset to link up with the server with minimum configuration. It is technically possible to make this work without an SSL certificate, but it takes time and a bit of know how on each mobile device. Its much easier to buy the SSL certificate.
Outlook Web Access is the feature on Microsoft Exchange email server that allows you to collect your email remotely via a web browser. If SSL is installed on a server, all your activity can be encrypted.
Microsoft Outlook can be installed in offline mode on an employees laptop or at home. That laptop can synchronise with the server using what used to be know as “RPC over HTTP” and more recently as Outlook Anywhere. These remote devices can access encrypted email when SSL is installed.