An SSL certificate is a file that is used to link the details of an organisation (e.g. the domain name, like www.thinkit.co.uk) to a ‘digital key’ that is used to encrypt data. The digital key is called a ‘cryptographic key’. The encryption is applied through the HTTPS protocol (signified by the padlock in the browser address bar), and often encrypts the connections between a web browser and a web server or email server.
SSL stands for ‘Secure Sockets Layer’, and it is (or rather, was) a protocol designed to add security to data transmitted over a network. Serious security issues were found in SSL, however, and it has now been ‘depracated’ in favour of later versions of TLS.
TLS, or Transport Layer Security, evolved from SSL and, though people still talk about SSL, is now the dominant protocol for securing communications between a client (e.g. a web browser) and a server (e.g. a web server). The same security issues that caused problems with SSL were present in early versions of TLS, but versions 1.2 and newer are currently considered secure.
In the example of a website, an SSL certificate is used to secure the connection between the web browser and the web server by encrypting it. This means that sensitive data (like credit card numbers, for example) cannot be read by an attacker trying to intercept data inside that encrypted connection. In the example of email, it secures the connection between the email client and the email server. An SSL certificate may also be used in a VPN, between the client and the server.
An SSL certificate, confusingly, needs to use TLS rather than SSL to be secure. SSL Certificates need to be issued from a trusted Certificate Authority (CA). Browsers, operating systems, and mobile devices maintain lists of trusted CA ‘root certificates’, which must be present on the end user’s machine in order for the specific SSL certificate to be trusted.
What this means to you
If you have an email system, a website, or remote access to your business network over something like a VPN or using Remote Desktop Protocol (RDP), you might need an SSL certificate (or more than one).
You’ll want to know that the email server your email client is communicating with is the right one. An SSL certificate helps with that.
Visitors to your website will want to know that their connection is encrypted and any data they send can’t be intercepted. An SSL certificate helps with that.
You and your team want to ensure that, when connecting to the company network from home, or anywhere else, that the connection is secured. An SSL certificate helps with that.
Why we are good
Browsers and devices already have root certificates installed for large, trusted CAs. This means when one of those CAs issues an SSL certificate for an organisation, it will be trusted by browsers and devices that trust the CA (by having the root certificate).
That’s why it makes sense to use a large and trusted CA. Think IT are able to provide certificates from the Comodo CA (also called Sectigo), one of the largest CAs in the world.
What we can do
We’ve been helping clients with SSL certificates for a while, so we’ve built a quick, easy and effective process. Essentially, we can take care of everything; all we need is a bit of information, and we’ll get you a certificate. We can even work with you or whoever looks after your website, email system or remote access VPN, if it isn’t us, to get it installed.