Configure

EV Secure Sockets Layer (SSL)?

What Does EV Look Like?

If your site collects credit card information you are required by the Payment Card Industry (PCI) to have an SSL certificate. If your site has a log-in section or sends/receives other private information (street address, phone number, health records, etc.), you should use Extended Validation SSL certificates to protect that data.

Your customers want to know that you value their security and are serious about protecting their information. More and more customers are becoming savvy online shoppers and reward the brands that they trust with increased business.

How Does the SSL Certificate Create a
Secure Connection?

When a browser attempts to access a website that is secured by SSL, the browser and the web server establish an SSL connection using a process called an “SSL Handshake” (see diagram below). Note that the SSL Handshake is invisible to the user and happens instantaneously.

Essentially, three keys are used to set up the SSL connection; the public, private, and session keys. Anything encrypted with the public key can only be decrypted with the private key, and vice versa.

Because encrypting and decrypting with private and public key takes a lot of processing power, they are only used during the SSL Handshake to create a symmetric session key. After the secure connection is made, the session key is used to encrypt all transmitted data.

Browser connects to a web server (website) secured with SSL (https). Browser requests that the server identify itself.

Server sends a copy of its SSL Certificate, including the server’s public key.

Browser checks the certificate root against a list of trusted CAs and that the certificate is unexpired, unrevoked, and that its common name is valid for the website that it is connecting to. If the browser trusts the certificate, it creates, encrypts, and sends back a symmetric session key using the server’s public key.



Server decrypts the symmetric session key using its private key and sends back an acknowledgement encrypted with the session key to start the encrypted session.



Server and Browser now encrypt all transmitted data with the session key.


Is My Certificate SSL or TLS?



The SSL protocol has always been used to encrypt and secure transmitted data. Each time a new and more secure version was released, only the version number was altered to reflect the change (e.g., SSLv2.0). However, when the time came to update from SSLv3.0, instead of calling the new version SSLv4.0, it was renamed TLSv1.0. We are currently on TLSv1.2.

Because SSL is still the better known, more commonly used term, DigiCert uses SSL when referring to certificates or describing how transmitted data is secured. When you purchase an SSL Certificate from us (e.g., Standard SSL, Extended Validation SSL, etc.), you are actually getting a TLS Certificate (RSA or ECC).



Get EV SSL certificates for just $284/per year