What is SSL?

SSL stands for Secure Sockets Layer. It is the technology for keeping an internet connection secure and protecting any sensitive data sent between two systems, preventing anyone from reading or modifying the information transferred, including potentially private details. The two systems can be a server and a client (for example, a shopping website and a browser) or two servers (for example, an application handling personally identifiable information or payroll information). The last version of SSL was SSL 3.0, created in 1996, which was superseded by TLS 1.0 in 1999. As of 2014, SSL version 3.0 has been considered insecure and vulnerable to attacks such as POODLE.

SSL/TLS does this by making sure that any data transferred between users and sites, or between two systems, remains impossible to read. It uses encryption algorithms to scramble data in transit, preventing hackers from reading it as it is sent over the connection. This information could be anything sensitive or personal, including credit card numbers and other financial information.


TLS (Transport Layer Security) is just an updated, more secure version of SSL. When buying an SSL certificate, you are actually getting a TLS certificate, but it is still commonly referred to as an SSL certificate. The latest version of TLS is version 1.3 (a working draft only supported by Firefox at the time of writing), and version 1.2 is currently the most used in production.


HTTPS (Hyper Text Transfer Protocol Secure) appears in the URL when a website is secured by an SSL certificate. The details of the certificate, including the issuing authority and the corporate name of the website owner, can be viewed by clicking on the lock symbol on the browser bar.


Hash Algorithms

Hash algorithms are used to secure certificate information and confirm that the certificate exchanged between devices is genuine. SHA1 has now been replaced by SHA256 as the most common algorithm for website certificates; SHA3 is the latest version but is not widely adopted.

 

sha256

We can see here the SHA256 algorithm with RSA encryption, which is standard across many certificates. Older SHA1 certificates should be replaced with newer SHA256 certificates as soon as possible, as web browsers in 2017 will start alerting end users and blocking access to sites still using SHA1 certificates.