DEV Community

Cover image for What I've learned today - 1 - SSL
Luan Gomes
Luan Gomes

Posted on

What I've learned today - 1 - SSL

What is SSL?

https://images.unsplash.com/photo-1605351792643-fe0c43d18762?ixlib=rb-1.2.1&q=85&fm=jpg&crop=entropy&cs=srgb

SSL stands for Secure Sockets Layer, a type of digital security that allows encrypted communication between a website and a browser. They are digital passports that provide authentication to protect the confidentiality and integrity of website communication with browsers.

How SSL Certificates Work

When accessing a web page, it is safe to perform certification of the page for data transmission in a secure manner.

Especially for sites where we need to send personal data, such as e-commerce, it is essential that you have an active SSL certificate.

SSL handshake

The handshake is done at the beginning of the communication between the browser and the web server, they use asymmetric encryption for certification on both sides.

Steps:

→ Browser tries to connect to the web server.

→ Web server sends back a copy of the SSL certificate.

→ The browser checks whether the certificate is valid.

→ If valid, the browser sends the response to the web server.

→ Web server sends the acknowledgement to start an encrypted session with the browser.

SSL data transfer

Data transfer is done using symmetric encryption, where the browser and web server have the same session key that will be used to encrypt and decrypt the data.

→ At this moment there is the exchange of data using the session key

How to know if a website has SSL

Simple, we just need to verify if that site has HTTPS at the start of the address (instead of “HTTP”).

Benefits of using SSL

  • Safety.
  • Your user can trust that their data is being cryptography.
  • HTTPS instead of HTTP, which ranks better on google.

I appreciate everyone who has read through here, if you guys have anything to add, please leave a comment.

Top comments (0)