|
Server certificates take advantage of TLS to work seamlessly between your web site and your visitors' web browsers. This is how the process works:
| 1. | A customer contacts your site, accessing a secured URL (indicated by a URL that begins with "https:" instead of just "http:" or by a message from the browser). When a web-connection uses SSL, it connects to port 443 instead of port 80. This causes the prefix of a web address to start with HTTPS (443) instead of HTTP (80). |
| 2. | Your web server responds, automatically sending the customer your site's digital certificate, which authenticates your site. |
| 3. | Your customer's web browser generates a unique "session key" to encrypt all communications with the web site. |
| 4. | The user's browser encrypts the session key itself with the site's public key so only the site can read the session key. |
| 5. | A secure session is now established. It all takes only seconds and requires no action by the user. Depending on the browser, the user may see a key icon becoming whole or a padlock closing, indicating that the session is secure. If your site doesn't have a digital certificate, visitors will see a warning message when they attempt to offer credit card or personal information. |
See Also:
A Server Certificate is Domain/Web Site specific
Help with Certificates
|
