What is SSL?

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are important and popular security protocols of the internet. The purpose of the protocol is to encrypt traffic between the server and the customer, in order to prevent eavesdropping, change, or forgery.

SSL certificate works in the form of a key and a lock. The server contains a "private key" which has to remain safe and within the organization boundaries, this acts as "a lock”. The certificate that is purchased through the Certificate Authority and is later installed on the server is referred to as a “public key”. The public key, which is a publicly listed certificate, contains the domain name (common name) and company details as provided in the CSR (a request file which is produced manually is generated from the server in which the certificate will be installed and includes details such as the domain and organization’s name/ details).

When one tries to access a service (secure web page, email login page, etc.) that is encrypted using an SSL certificate, the private key will be presented to their web browser behind the scenes. In case the web server contains the private key associated to the public key that was presented to the client, the communication between the two parties will become encrypted, and the client will receive a visual confirmation of the encryption (for example, in a web browser- a green lock will appear).

Before each purchase, it is important to know that during the issuance process you will be required to input the contents of your CSR file, issued from the server in which the certificate will be installed. A CSR includes basic information about the organization, such as; domain name, organization name, address, email, act. Alongside the CSR, a private key is also generated and the two are linked together. If you lose the private key, you will be unable to use the SSL certificate.

After purchasing an SSL certificate, the issuance process is carried out as follows:

- Copy the CSR into the designated field  

- Fill out the organization’s and contact person's details  

- Choose the Domain Control Validation method (for non code signing certificates)

- Complete the issuance process by following instructions sent by email

How to install the SSL Certificate After it is Issued

After a successful SSL certificate issuance process, the ordering party will receive an email which includes the certification in text (or file) format along a variety of links, such as:

- SSL installation guide   

- Intermediate certificate download link

- Installation tool link

It is recommended to review and follow the official installation guides and documentations, as they include information and installation instructions for a variety of servers and usually include answers to questions you may have during the installation process.
 

In recent years leading organizations, like Google (using Google Chrome), began taking actions in order to compel website owners to secure their website and to encrypt the website traffic. One of the examples for this action is how the popular web browser "Google Chrome" began to show the following error message in websites that do not have an SSL certificate installed- ‘this website is not secured’. By installing an SSL certificate you will be able to avoid the above warning message from being displayed, and enjoy the clear advantages of traffic encryption.

What kind of Authorities can Issue SSL Certificates?

SSL certificates can be purchased directly from the Certificate Authority, or from a certified certificate provider/reseller (such as Domain The Net), who sells most of the popular certificates at more attractive prices compared to the Certificate Authorities).

What are Private Key and Public Key?

SSL certificates operate with a lock and key method.
A private key is a code that is issued at the time of the CSR generation and performs as a the "lock".
The private key is a valuable and secret code which should be kept within the organization. A leak of the private key outside of the organization could endanger the server’s security and render the SSL certificate useless.
The public key the SSL certificate that is purchased and functions as the "key".
When a person browsing the web asks to reach the website hosting server, they send the "key", and assuming it has reached the correct server (the "lock") they will communicate in an encrypted manner (successfully). In the case a person browsing the web reaches a server which is not the correct one (or an imposter server), an error message will be appear.

What are Root Certificates or Intermediate Certificates?

These are public certificates issued by the Certificate Authority. Their purpose is to link the server on which the SSL certificate is installed, to the Certificate Authority's database 
After installing the SSL certificate in the organization’s server, the SSL certificate has to be connected to the Certificate Authority database (for example, Digicert) for the purpose of proper functioning and acceptance of the SSL certificate in the “real world”. For this reason, alongside the SSL certificate, you must also install the Intermediate Certificates (and sometimes the Root Certificates as well). 

Can SSL Certificates be cancelled for a monetary refund? 

Most certificates include a trial period of 30 days during which the certificate can be cancelled for a monetary refund.