Should I obtain and install a SSL/TLS certificate?
If you are operating a server of any significant size, for personal, office, or public use should consider obtaining and installing a digital certificate to encrypt data between clients and services. You can obtain a basic SSL / TLS certificate for free at StartCom Ltd.
A bit of background information might be appropriate here. A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).
When browsing the web you can tell when you are using a secure protocol, such as TLS. The primary indicator is that the web address prefix of “http” is replaced by “https“. Most browsers will also display a small padlock in the status bar at the top or bottom of the browser window. When you’re accessing sensitive information, such as an online bank account or a payment transfer service, you should be using “https”. If you are not you have reason to be concerned.
It works like this: When your browser requests a secure page and adds the “s” onto “http,” the browser sends out the public key and the certificate. Validation occurs, verifying that the certificate comes from a trusted party; validates that the certificate is currently valid; and that the certificate has a relationship with the site from which it’s coming.
The browser then uses the public key to encrypt a randomly selected symmetric key. To minimize the computing load, most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.
So, now that you know the difference between “http” and “https”, and just what a digital certificate is… and if you are operating a server, inside your home or at some remote location, it is a good idea to have a signed certificate installed. If you need one and you can obtain a class 1 certificate at no cost.
To obtain your free certificate go to StartCom Ltd.
This can get a bit technical, so if help is needed search the web for more detail help articles!