Why Use SSL Certificate
What is SSL? SSL stands for Secure Sockets Layer, an encryption technology that was originally created by Netscape in the 1990s. SSL creates an encrypted connection between your web server and your visitors’ web browser allowing for private information to be transmitted without the problems of eavesdropping, data tampering, and message forgery.
To enable SSL on a website, you will need to get an SSL Certificate that identifies you and install it on your web server. When a web browser is using an SSL certificate it usually displays a padlock icon but it may also display a green address bar.
Why SSL needed?
- SSL Encrypts Sensitive Information
- SSL Provides Authentication
- SSL Provides Trust
- SSL is required for PCI Compliance
Is the web site really secure with SSL?
No. SSL secures the network communication link only. Although this is an important security layer for sensitive applications, most attacks on websites are not actually done this way. Most attacks on websites are actually done in one of the following ways:
- The server is attacked directly. SSL does not protect you from this. Rather, you need to have a good IT security policy to protect your server.
- The user is attacked directly, either by infecting their PC with malware, or by using “phishing” to steal their passwords. SSL does not protect you from this, either. To protect your own PC from this, you need to use a good anti-virus program, and use lots of common sense and a small amount of paranoia when on the Internet. However, it is unrealistic to expect that all the PCs of all of your website visitors will be adequately protected.
In other words, SSL does very little to prevent the website from being hacked. It only prevents 3rd parties from listening to communications between the user and the website.