SSL Jargon-Buster
Use our handy SSL jargon-buster to clarify all the SSL terminology.
256 BIT SSL ENCRYPTION
256 Bit SSL Encryption is a more secure form of encryption than the 128-bit size. It indicates that the key used to encrypt data transferred between a web browser and a web server is 256-bits, making it computationally unfeasible to crack, hence offering strong SSL security.
CERTIFICATION AUTHORITY
A public Certificate Authority verifies the certificate owner's information with a Registration Authority within a public key infrastructure. It can also manage and issue digital certificates for data encryption through security credentials and public keys. An SSL Certificate is issued only after the purchaser’s information is verified by the RA.
CPS (CERTIFICATION PRACTICE STATEMENT)
CPS stands for Certification Practice Statement. This document, published by the certification authority, outlines the practices and policies employed in issuing, managing, and revoking digital certificates.
CRL (CERTIFICATE REVOCATION LIST)
CRL stands for Certificate Revocation List. This digitally signed data file contains details of revoked digital certificates. Users can download and install it in their browsers to ensure that revoked certificates are not trusted.
CSR
CSR stands for Certificate Signing Request. The first stage in applying for an SSL Certificate involves creating a CSR on your web server, which requires specific company and website information. This file will be needed when you apply for your SSL Certificate.
Domain Validated SSL CERTIFICATE
A Domain Validated SSL Certificate verifies the website's domain name rather than the domain owner's identity. The Certificate Authority (CA) checks the applicant's right to use a specific domain name, which visitors can view when they click the Secure Site Seal.
Extended Validated SSL CERTIFICATE
An Extended Validated SSL Certificate offers the highest industry standard for authentication. The CA performs an in-depth annual audit of the applying company to ensure information integrity. An EV SSL Certificate provides the best level of customer trust, turning the address bar green in high-security browsers like Google Chrome and Internet Explorer and displaying the legitimate website owner's name and the issuing security provider.
GREEN ADDRESS BAR
The Green Address Bar visually indicates to customers that the website is secured with an EV (Extended Validation) SSL Certificate. High-security browsers recognize these websites by turning the URL address bar green.
HOST HEADERS SSL
Host headers allow IIS to serve multiple websites using the same IP address. However, since an SSL Certificate requires a dedicated IP address, host headers cannot be used with SSL. When the SSL protocol is engaged, the host header information is encrypted, preventing the web server from knowing which website to connect to.
HTTPS
HTTPS stands for Hyper Text Transfer Protocol Secure. When a website has its own SSL Certificate, the URL changes from http:// to https://, indicating a secure and encrypted connection.
IIS (INTERNET INFORMATION SERVICES)
IIS stands for Internet Information Services, Microsoft’s popular web server software, which fully supports SSL, including a CSR generation wizard.
OPEN SSL / MOD SSL
The OpenSSL Project is a collaborative effort to develop a robust, full-featured, open-source toolkit for implementing SSL (v2/v3) and TLS (v1) protocols, as well as a general-purpose cryptography library. The project is managed by a worldwide community of volunteers.
Organization Validated SSL CERTIFICATE
An Organization Validated SSL Certificate verifies both the website's domain name and some company information. The Certificate Authority (CA) checks that the company is legally operating. This additional information is available when visitors click the Secure Site Seal.
SSL ACCELERATOR
Typically, the SSL handshake and subsequent data encryption between a browser and web server are handled by the web server. However, for highly trafficked sites, an SSL accelerator can improve concurrent connections and speed up the SSL handshake, offering the same SSL support as web servers.
SSL CERTIFICATE
An SSL Certificate (Secure Sockets Layer Certificate) encrypts data transmitted between a browser and web server. Developed by Netscape, it is supported by most major web browsers. An SSL certificate must be installed on the web server for SSL to function, changing the URL from ‘http’ to ‘https’ and displaying a padlock icon on most browsers.
SSL HANDSHAKE
The SSL handshake is the process of communication between a web server and an internet browser to establish an SSL session. The browser sends a challenge data request to the server, allowing it to cryptographically prove its identity. Upon successful verification, the handshake is completed, and the session is encrypted, ensuring secure data transmission.
SSL KEY / PRIVATE KEY
The SSL Key (Private Key) resides on a web server and is created alongside the CSR. It proves that the server is authorized to use the SSL Certificate. An SSL Certificate is installed on a web server and paired with the SSL Key upon issuance.
SSL PORT / HTTPS PORT
An SSL port (HTTPS port) is designated for SSL traffic on a web server. The industry-standard port is 443, while non-secure HTTP traffic typically uses port 80.
SSL PROXY
An SSL Proxy allows non-SSL aware applications to be secured by SSL. It adds SSL support by integrating into the connection between the browser and web server. Stunnel (www.stunnel.org) is one such SSL proxy.
TLS CERTIFICATE
TLS Certificate stands for Transport Layer Security Certificate, a protocol designed to supersede SSL.
WILDCARD SSL / SHARED CERTIFICATE
A Wildcard SSL allows unlimited use of different subdomains on the same domain name. It enables a hosting company to share a single SSL Certificate across multiple websites without issuing individual SSL Certificates for each customer. The wildcard certificate secures multiple subdomains within its network (e.g., www.bowhosts and shop.bowhosts).