If you also want to know about SSL, TLS, HTTPS, CSR in detail about their answers,

If you also want to know about SSL, TLS, HTTPS, CSR in detail about their answers,
If you also want to know about SSL, TLS, HTTPS, CSR in detail about their answers,


If you want to know more about SSL, TLS, HTTPS, CSR, their answers, types and functions, welcome to this dedicated blog


What are SSL and TLS? Whenever a website owner receives a certificate for SSL, S is linked to http. S means protected.

The upgraded version of SSL is called TLS.

This, after SSL 3.0, instead of calling 3.1, may be known as TLS 1.0. At the present time (2018) we are using TLS 1.2.

Friends https is a protocol that works between your browser and the webserver.


How it works is what bandwidth is

If a website is loaded from https, it does not mean that it is 100% secure and your data such as credit card, mobile number, etc. will not be misused.

Hackers can also launch websites with SSL certificates. Nowadays, companies offer freebies for several months.

https just to show that any data is flowing between your browser and the web server, it is only safe for your browser and web server.

Other than that if the owner of the webserver is corrupt, something can happen. However, such possibilities are less.
Friends, whatever data we search on the internet. That information belongs to a website.

And this information is stored on the server of that website.


HTTP and HTTPS

When someone brings or downloads information from their mobile or PC browser to their screen, a connection is established between your browser and that server. This is an http form

HTTPS is a protected version of HTTP. HTTP is an application that follows HTTP rules and transfers files to www accordingly.
http stands for HyperText Transfer Protocol. This means it is in text form.

This means that the answer will come in plain text as soon as we send the request. It works on port 80.

If a hacker wants to, he can add a separate connection in the middle to find out what kind of data you are using.

However, if STS is added, it becomes secure.

Meaning https = Hyper Text Transfer Protocol is secure.

You can learn about the site's credentials and CA by clicking on any site's URL lock icon.

This means that hackers can't get that data between your servers and browsers even if they want to. This is because everything that is being transferred from the server to the browser is in encrypted form. It works on port 443.


How to host a site in Cloudflare

That is, no one can steal this data and if someone else steals it, they will not be able to decrypt the information in its original form.
And thus they will not be able to read / access the data.
SSL Certificate Type (Main)

There are 3 types of SSL certificates.
1 - DV (domain validity)
2 - OV (Company Validity)
3 - EV (increased validity)


Domain Verified (DV) Certificate

Only the owner / owner of the domain is checked in this certificate. A certificate is obtained if the domain owner is correct.
CA i.e. certified by the authorized authority
This certificate is great for the cheapest and smallest websites, personal blogs etc. But you should avoid your credit card information or any kind of transaction offer from the user here. It turned into an issue in a matter of minutes.

Company Validity (OV)

It is a bit more expensive than a DV certificate. However, in order to verify the good for any medium-sized e-commerce website, this certificate is obtained by verifying the credentials issued by the government.
It takes one to two days to become an issue. These are mostly used on university, educational or government sites.

Extended Validity (EV)

This certificate is the most expensive and high security certificate. It took about a week to get released. These are for large organizations or websites
Banking


Wild Card SSL Certificate

This certificate is good for any business name. It protects unlimited subdomains of any domain.
Such as business.com, info@business.com, contact@business.com.
This certificate is good for new and emerging businesses.


Multi Domain SSL Certificate

By name. In this one certificate, you can add and delete multiple domains you want.

All companies have their own schemes which issue different SSL certificates under DV, OV and EV validation.

How SSL works

Details

Before we learn about its effectiveness, we need to know about the terms used under it. Let us know -

Any trusted and latest browser like Chrome, Firefox, Safari etc. already has digital signature installed by CA (Certification Authority). This is why browsers check the authenticity of certificates sent by web servers.
The symmetrical key algorithm (public and private key) is used to identify the owner and his public key.

Once the connection is established, symmetrical key algorithms are used to delete and encrypt the data.

We can easily understand this with this example. Suppose, I want to send a request to Google's website and I want all requests to be encrypted.
So I'll type from my browser
https://google.com Then I press the key as soon as my browser sends a request to Google Webser for protected pages.

2 - Now Google Server will send its public key with SSL certificate to my browser.

3 - When my browser receives this certificate, whether the issuer of this certificate is genuine will match the digital signature already installed inside it.

4 - Once the match is correct, a green padlock icon will appear in the address bar.

5 - The next step after verification is to exchange the secret key.

For this, my browser will create a symmetrical key 'shared secret' and keep a copy of it and send it to another Google web server.
Since my browser does not want to send the shared secret in plain text, it will use the web server's public key and encrypt the shared secret and send it to the web server.
When Google's web server receives this encrypted reciprocal key, it will decrypt it using its private key.
Now the web server has got the key shared by my browser. Traffic from here will be encrypted and decrypted from these keys. All requested data from these will be exchanged in the form of encryption.

What is CSR?

CSR means Certificate Signing Request
This is an encrypted message that SSL applicants fill out in order to obtain an SSL certificate.
The name, address, address, country etc. of the applicant are covered under CSR. Through this the CA or certification authority examines the site.
Whenever someone applies for SSL, it is filled online.

If you like my post, be sure to share it on social media and with your friends, and if you have any suggestions or questions, please leave a comment.

Post a Comment

0 Comments