2.0 How SSL works 2.1 - Transmitting Data Privately SSL uses encryption and decryption to ensure that data is transmitted privately. It works on the public-and-private key encryption system from RSA. The web server contains a private and public key "signed" by a Certificate Authority. The public key is used to encrypt data, but it can only be decrypted using the private key. SSL uses two types of encryption: public key and symmetric key. Public (Asymmetric) key encryption Public key encryption uses a key pair made up of a public and a private key. The keys are mathematically linked; that is, data encrypted with one key in the pair can only be decrypted using the other key in the pair. The public key can be distributed and made generally available. The private key is kept private. A web server and web browser use public key encryption when first establishing communications with each other. Specifically, it is used during the SSL handshake when the web browser authenticates the web server. After the handshake is complete, the web server and web browser switch to the more efficient symmetric key encryption for the remainder of the transaction. Symmetric key encryption Symmetric key encryption uses a single key. The web browser and the web server create the key (called a session key) during their initial interaction (the SSL handshake). The same key is used to both encrypt and decrypt the data. This encryption ensures that no one else can read the data being transmitted in either direction. A different session key is used for each server/browser connection, and the session key automatically expires after twenty-four hours. 2.2 - Ensuring the Data Is Not Altered During Transit SSL uses cryptographic hashing to ensure that no one alters data during transit. Cryptographic hashing creates a unique hash value based on the content of transmitted data. The content of the data cannot be determined from the hash value and it is nearly impossible to compose another message that computes to the same hash value. Both the web server and the web browser compute hash values using the same hashing algorithm. If the hash values are the same, the data was not altered. When sending data to a web browser, the web server computes a hash value for data then sends the hash value and the data to the web browser. When the web browser receives this information, it computes its own hash value for the data then compares the two hash values. If they match, the web browser is assured that the data was not altered during transit. A similar process occurs when the web browser sends data back to the web server. The web browser computes a hash value then sends it and the data to the web server. The web server computes a hash value for the data and compares it to the hash value computed by the web browser. This process assures web browser users that information they receive from the web server has not been altered and that information they fill in on an HTML form is not altered before it reaches the web server. 2.3 - Authenticating the Web Server SSL uses digitally signed certificates to authenticate the web server, that is, to assure the web browser that it is communicating with the organisation it thinks it is. A certificate is a data structure that contains information about the organisation. It also contains the public key of the organisation’s public/private key pair. Because the certificate contains the public key, it binds a public/private key pair to the organisation. The key pair is used for public key encryption during the SSL handshake. A server certificate is a certificate that attests to the identity of an organisation that owns a web server. Certificates are issued by certificate authorities such as VeriSign. A certificate authority is a trusted company or organisation that confirms that an organisation is what it claims to be. To obtain a server certificate, an organisation must send a certificate signing request (CSR) to the certificate authority. After conducting research to ensure the organisation is what it claims to be, the certificate authority digitally signs the certificate and sends it to the organisation that requested it. To create the digital signature, the certificate authority computes a hash value based on the contents of the certificate. A hash value is an error-checking value derived from the addition of a set of numbers taken from data (not necessarily numeric data) that is to be processed or manipulated in some way. After processing, the hash total is recalculated and compared with the original total. If the two do not match, the original data has been changed in some way. The certificate authority then encrypts the hash value with its private key. The digital signature is the encrypted hash value. The digital signature is stored with the certificate. When the organisation that requested the certificate receives the certificate, it loads it to its web server. When an SSL request is made, the web server sends the certificate to the web browser. When the web browser receives the certificate, it can read the information about the organisation and its public key. To validate the certificate to ensure it contains the information digitally signed by the certificate authority, the web browser verifies the digital signature. Because the digital signature is an encrypted hash value that was computed based on the contents of the certificate, the web browser needs to compare hash values. The web browser computes a hash value based on the contents of the certificate it received. It then decrypts the digital signature to determine the hash value that the certificate authority computed. If the two hash values match, the web browser is assured that the certificate contains the information that the certificate authority verified and digitally signed. 2.4 - The SSL Record Protocol An SSL record consists of two parts, the header and the data. The header can either be 3 bytes in length or 2 bytes in length, the latter being employed if there is no padding data. The escape bit is not used in version 2 of the protocol but it is suggested that it is used to designate Out-Of-Band data in future versions. For a 2 byte header, the maximum record length is 32767 bytes whereas a 3 byte header will only allow a record length of up to 16383 bytes. The data part of the record consists of a Message Authentication Code (MAC), the actual data itself and padding data, if required. It is the data part of the record which is encrypted in its entirety when encryption is necessary. Padding data is only required for use with block ciphers. It is used to pad out the length of the data block to be a multiple of the block size of the cipher. If a stream cipher is used or the data is already a multiple of the block size, then no padding is required and a 2 byte header record can be used. The MAC is a hash or message digest of the secret write key of the sending party, the actual data, the padding data and a sequence number in that order. The sequence number is a 32 bit integer which is incremented after each message is sent. 2.5 - SSL Handshake The SSL handshake occurs when a web browser user first requests information from a web server that is using SSL. The following is accomplished during the SSL handshake: The web browser and the web server negotiate the cipher suite they will use for the rest of the security services. The web browser authenticates the web server. The web browser selects and transmits a symmetric key to the web server. The handshake protocol is composed of two phases. Phase 1 deals with the selection of a cipher suite, the exchange of a master key and the authentication of the server. A cipher suite is made up of three techniques: Key exchange technique--This is how the web browser and web server will exchange the symmetric key that will be used for the symmetric encryption that takes place after the SSL handshake is complete. Symmetric encryption technique--This is the type of symmetric encryption to be used, for example, RC2 or RC4. Hashing technique--This is the type of hashing the web browser and the web server will use to ensure the data is not altered during transit. Phase 2 handles client authentication, if requested and finishes the handshaking. After the handshake stage is complete, the data transfer between client and server begins. All messages during handshaking and after, are sent over the SSL Record Protocol layer. To allow the web browser to authenticate the web server, the web server sends its server certificate to the web browser. The web browser validates the server certificate. The web browser selects an appropriate symmetric key for the type of symmetric encryption to be used. It then encrypts the symmetric key using the web server's public key. (The web browser obtained the web server's public key from the server certificate.) The web browser then sends the encrypted key to the web server. Using its private key, the web server decrypts the symmetric key. Now both the web browser and the web server have a secret key that they will use to send data back and forth. The handshake is complete. 2.6 - SSL and The ISO Reference Model It is important that any new communications protocol conform to a standard model if it is to easily replace or become part of an existing protocol structure. The ISO Reference Model for Open Systems Interconnection or 7-Layer Model is the most popular abstraction [HAL93]. Figure 2.1 2.7 - Example of an SSL Transaction: The web browser user enters a URL to access information from a web server that is using SSL, for example: 1. https://www.company.com:443/ 2. The web browser and web server perform the SSL handshake, which consists of the following steps: The web server and the web browser negotiate what cipher suite they will use. The web server sends its certificate. The web browser authenticates the web server by validating the web server's certificate. The web browser and web server create the symmetric encryption key that they will use to send data back and forth privately. 3. The web server sends the requested data to the web browser by performing these steps: Computes the hash value for the data. Encrypts the data and hash value using the symmetric encryption key. Sends to the data and hash value to the web browser. 4. The web browser receives the data and hash value. Then it: Decrypts the data and hash value. Creates a hash value for the data. Compares its hash value to the hash value the web server computed. Displays the data if the hash values match. 5. The web browser user fills in information on an HTML form and uses the submit button to return the information to the web server. 6. The web browser sends the HTML form data to the web server by performing these steps: Computes the hash value for the data. Encrypts the data and hash value using the symmetric encryption key. Sends to the data and hash value to the web server. 7. The web server receives the data and hash value. Then it: Decrypts the data and hash value. Creates a hash value for the data. Compares its hash value to the hash value the web browser computed. Continues processing the request if the hash values match. The process continues with steps 3-7 until the SSL transaction ends. Introduction Sending encoded messages through a network of third parties has been done for centuries. Julius Caesar encoded messages by shifting the alphabet. The Incas tied knots on to a "quipu" which only they could decode, and runners would transport their secrets across the vast Incan empire. Definitions Today when you are in a face-to-face negotiation with someone you take for granted that you have "availability", "authenticity", "integrity", and "privacy" during the conversation. Let me define these four terms, for they all necessary to insure a secure electronic transaction over the Internet. Availability Availability is sending and receiving information without interruption. You want to be sure that not only did you get the entire message, but that the other party got your message as well. During a conversation you can tell when the other party is not listening to you. Authenticity Authenticity is making sure that the person you are talking to is really who they are. As human beings we are very good at recognizing faces and voices, so we know who we are talking to. Even if we do not know someone, we can ask for some form of identification such as a driver's license. Integrity Integrity is sending and receiving information without modification. Your data should not be tampered with. Privacy Privacy is not having people eavesdropping on your conversation. Intercepting messages during World War II lead to the United States of America winning at least one naval battle. Your credit card information will travel over the Internet, being relayed from computer to computer in a manner similar to the Incan runners. On the Internet you want to have availability so that you can access the Web server and complete your transaction. You must have authenticity to be sure the merchant you are dealing with is legitimate. You need integrity so that zeros do not get added to invoice amounts. You need privacy so that no one intercepts your credit card number. This is accomplished by using Secure Socket Layer (SSL). What is SSL SSL is the most widely used security protocol on the Internet. SSL was developed by Netscape and resides at the transport layer. Because SSL resides at the transport layer it is application independent, meaning it can work transparently with other Internet protocols such as http, ftp, and telnet. SSL is composed of two layers. At the lowest level is the SSL record protocol which is layered on top of the transport protocol. It is used for encapsulation of the SSL handshake protocol. The SSL handshake protocol enables the client and the server to authenticate each other. It also negotiates an encryption algorithm and cryptographic keys before the application protocol (https) starts transmitting or receiving. The SSL handshake protocol has two phases, server authentication and client authentication. The client authentication phase is optional. SSL works with a pair of asymmetric keys for encryption and decryption, and certificate authorities (CA). The asymmetric keys make it possible to communicate without a pre-established relationship. They are made up of a public key which is freely distributed, and a private key which never goes across the Internet. A public key and private key pair are mathematically related. Cryptography is the mathematics of security. Certificate Authority A certificate authority is a trusted third party. One could say the State of Florida is a CA, because it issues driver's licenses. A driver's license is a certificate because it says that the person matching the picture and the signature on the driver's license is indeed the name that appears on the driver's license. On the Internet, before a CA will issue a certificate it will run a background check. How thorough the background check is depends on what kind of certificate you want and are willing to pay for. For example, VeriSign, a leading CA, will issue you a client certificate which costs US$9.95 per year. All you need to supply is your first name, last name, and electronic mail address of which only the last one is verified. In exchange, you get up to US$1000 protection against economic loss caused by corruption, loss, or misuse of your digital certificate. It can be revoked or replaced for free if it is lost or corrupted. Of course there are more expensive certificates, with stricter background checks, which merchants on the Internet use for electronic commerce. How SSL works SSL works in the following way. A browser connects to a Web server. The Web server responds by sending its digital certificate. The server's digital certificate contains the server's public key, the CA's public key, the server's digital signature algorithm, the CA's digital signature, and other pertinent information. The browser can prove the identity of the server and verify the message digest of the server by using the public key taken from the certificate and checking the result against the certificate of the CA that it has. Browsers contain certificates of several CA. You can view them by clicking on the appropriate browser configuration option. The browser recognizes the CA certificate, and since the CA is a trusted third party guaranteeing the identity of the Web server, the Web server is authenticated. SSL generates four session keys, which are only valid for that session. The keys usually expire within 20 to 30 minutes. The keys are: an encryption key for data sent from the browser to the server, an encryption key for data sent from the server to the browser, an authentication key for data sent from the browser to the server, an authentication key for data sent from the server to the browser. This is known as the SSL handshake, and once established, encrypted data is sent across the Internet. The data is encrypted using a symmetric cipher algorithm. This strengthens security by using the secret as another key. At this point someone cannot discover the secret, but they could interrupt the communication by damaging the secret. Someone could pass most of the information back and forth unmodified, but if lucky could successfully garble an important message after the client and the server shared a secret. The side receiving the message will trust and probably believe the garbled message, and act on it. If this does not produce a valid message, the communication can stop immediately. The browser and the Web server can add a Message Authentication Code (MAC) which is a piece of data computed by using a secret and some transmitted data. The message digest algorithm is a way to build a MAC function. Now the chance of a message being intercepted and modified is extremely small. For example, with an MD5 digest algorithm using 128-bit MAC values the chances are 1 in 2128. Your chances of winning the Florida lottery are slightly better than 1 in 2 24. With these odds one can feel pretty confident that communication between browser and Web server is secure. SSL Certificates Reviewed SSL Certificates are essential for transmitting data securely over the Internet and for providing authentication. Standard on most Web servers and Web browser packages, SSL is used by Internet merchants, organizations and other parties to securely transmit data, such as credit card information. This article delivers a comprehensive review of SSL and digital certificates, with useful resources, reviews of SSL certificate authorities, SSL technology, benefits, your SSL options and a whole lot more. What is SSL? Short for Secure Sockets Layer, SSL is a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private key to encrypt data that's transferred over the SSL connection. The SSL protocol uses digital certificates to create a secure, confidential communications 'pipe' between two entities. Data transmitted over an SSL connection cannot be tampered with or forged - without the two parties becoming immediately aware of it. Secure Sockets Layer (SSL) - Key Points SSL is the standard security technology for creating an encrypted link between a Web server and a browser. SSL is used by millions of Web sites to protect their online transactions ? Ecommerce stores, Merchants, and other organizations all use 128-bit, 56-bit or 40-bit encryption. SSL is a standard part of most Web servers and Web browser packages. SSL just needs to be 'activated' on Web servers. SSL (https) operates on port 443. HTTP operates on port 80. 3rd party credit card processors (or ISOs) provide SSL security when your customers are transferred to their secure site. But you still may need SSL for member logins, registering accounts and other occasions whenever sensitive info. is transferred on your Web site. SSL deals with encryption only. For security and trust, the site also needs to be authenticated by a Certificate Authority - which helps prove you are who you say you are. A 'secure' page is one that has https:// in the browser bar (instead of http://). 'secure' page also displays a 'lock' icon in the status bar at the bottom of the page in both Internet Explorer and Netscape browsers (toolbar). Lock icon only indicates that SSL encryption is being used. You must click on the padlock icon (or a CA seal) to view information about the encryption levels, certificate paths and authenticity of the Web site. SSL requires a bit more processing power than normal http pages. Only use on pages you need to when a customer/client starts supplying their information. SSL does not support name-based virtual hosts. An SSL certificate is issued to a fully qualified domain name (FQDN). One SSL certificate is required per FQDN. Each SSL certificate requires its own unique IP address. SSL can't be configured on name-based hosts unless the VirtualHosts use different SSL ports. SSL certificates are generally offered for 1 or 2 year periods. Most browsers have built-in security measures alerting you when you're viewing an SSL secure server page. Many browsers, including IE and Netscape also alert the user when there are problems with the Web site's digital certificate and if your information is not secure. Table 1.1 - Secure Sockets Layer (SSL) - Key Points. SSL Secure Padlock As noted in Table 1.1, a page using SSL encryption displays https:// in the browser bar and shows the padlock icon in the status bar (in IE). Clicking on the padlock icon reveals the SSL certificate and its details. Figure 1.1 - 'Lock icons' are displayed in the bottom right-hand corner of the screen. The above screenshots show examples of the padlock icon in Internet Explorer and Netscape browsers. Figure 1.2 - View detailed information about the Web site's digital certificate by clicking on the padlock icon or by clicking on a site seal (which is a pretty authentication seal offered with many (but not all) SSL certificate packages. As you can see from Figure 1.2, clicking on the padlock icon brings up a popup window with three tabs (in Internet Explorer) - General, details and certification path. Here are some details which you may like to check out: Certification Path: Shows you who is the trusted CA authority issuing the certificate (if any). You'll see the trusted authority with a chain to the Web site in question. If the Web site is using a chained SSL (aka intermediate) digital certificate, then you'll see the 'chain' of certificates (one 'trusted', one 'intermediate', then finally the Web site's SSL server certificate. We'll discuss chained SSL certificates later on in the article. Details: The details stored by a digital certificate vary between certificate authorities. You can view the encryption strength (128-bit or 40-bit), identified by RSA (1024 bits) and RSA (512 bits), validity dates of the certificate, methods of validation, the domain name the certificate is issued to and more. Click on 'subject' in the details category for more information on the SSL certificate. SSL Certificates - Their Uses SSL certificates are used to secure confidential information sent over the Web. SSL is used by Merchants to send credit card details to payment gateways for processing Securing information sent over corporate intranets Providing authentication and security for applications Many Web sites have areas of their Web sites displaying 'sensitive' information. SSL is required to ensure security and trust. For those transferring sensitive information, 128-bit encryption is industry standard for encryption. SSL Benefits SSL is essential for sending sensitive information on the Web. Key benefits include: Customers will only submit their credit card information if they know that it is secure Your end-users will know they are dealing with a trustworthy partner - if authenticated by a CA (more details on this later) Your business will gain a competitive edge over those foolish enough to not use SSL encryption Transport Layer Security Transport Layer Security (TLS) is the newest version of the SSL standard. There will be no more SSL versions (of which there were three versions). The Internet Engineering Task Force (IETF) are behind working on the new TLS protocol. As with SSL, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. The TLS Record Protocol provides connection security with some encryption method (can also be used without). The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged. The TLS protocol is based on Netscape's SSL 3.0 protocol. The most recent browser versions support TLS. The TLS Working Group, established in 1996 by the IETF, continues to work on the TLS protocol and related applications. More information can be found at IETF.org. Useful SSL Resources Secure Sockets Layer - As guide from Netscape - Find some good information from the creators of the SSL protocol - Netscape. Find out how SSL works, digital certificates - and how to get a certificate for your server. An informative read. SSL Specification - View the SSL specification from Netscape. SSL and TLS - SSL and TLS: Designing and Building Secure Systems by Eric Rescorla is a popular book on SSL receiving good reviews at Amazon.com. If you're looking for comprehensive information on SSL, TLS and digital security, then this book comes highly recommended by industry pros. SSL Crypto Strength SSL provides encryption between Web browsers and Web servers. This encryption is based on the RSA algo (rsasecurity.com). Encryption can be done at different 'strengths', depending on what the software supports at each end. The strength is specified by the length of the session key (more on this soon). Encryption can be 40-bit, 56-bit or 128-bit. Cryptographers consider 128-bit impossible to crack and is the recommended and standard for banks, large-scale online merchants, brokerages and many other organizations. 128-bit is approximately 3x10^26 times stronger than 40-bit encryption. Browser Types The USA restricted the export of strong encryption products meaning that many browser versions developed for export from the US were not automatically enabled to encrypt 128-bit encryption. Most SSL Certificate Authorities provide SSL certificates which enable 128-bit encryption - no matter what browser type they have. Cryptology and Digital Certificates Cryptology and Digital Certificates - Key Points Key Management ? The term 'key' refers to a numerical value used by an algorithm to alter information. Encryption makes that information secure and visible only to individuals who have the corresponding key to recover the info. 'Key Management' refers to the secure administration of keys to provide them to users where and when they are required. Symmetric Cryptology ? Uses the same key for both encryption and decryption. There's always the problem of how to securely transfer the keys to the recipients of the message, so they can decrypt the message. Public-key Cryptology ? Removes the need to use the same key for encryption and decryption. Keys come in matched 'public' and 'private' keys. The public part can be distributed in a public manner. The private part is kept secret by its owner. Encryption can only be undone with the corresponding private key. The mechanics of public-key encryption ensure that a stolen certificate is useless. Table 1.2 - Cryptology and Digital Certificates - Key Points. Digital Certificates and SSL Digital Certificates are electronic files that are used to uniquely identify people and resources over networks. Digital certificates also enable secure, confidential information between two parties. A digital certificate typically includes a variety of information pertaining to its owner and the Certificate Authority that issued it. A Certificate Authority is an organization responsible for issuing, revoking and renewing digital certificates. A Certificate Authority (CA) acts very much like a Passport Office. By using a variety of validation techniques (send in documents, domain name validation, telephony and more), a CA authenticates a business - adding to consumer confidence that your business is a legitimate one. By clicking on the padlock icon on any 'secured' page, you can view the Certificate information. Typically, information includes: Name of holder and other identification info. (some include more details than others) Holder's public key Name of the CA that issued the digital certificate Serial number Validity period (or lifetime) of the certificate (start and end date) In creating the SSL server certificate, the information is digitally signed by the issuing CA. The certificate is based on public-key cryptology. Web server certificates ? A certificate that authenticates the identity of a Web site to visiting browsers. When a browser wants to send confidential information to a Web server, the browser will access the server's digital certificate. The digital certificate, which contains the Web server's public key is used to a) authenticate the ID of the Web server and b) Encrypt information on the server using SSL. CA certificates ? A CA certificate is one that identifies a Certificate Authority. CA certs. are just like other digital certificates, except they are self-signed. The CA certificate is used to authenticate and validate the Web server certificate. When a Web server certificate is presented to a browser, the browser uses the CA cert. to determine whether to trust the Web server certificate. If it is not trusted, then the server certificate is rejected and you'll get warnings from your browser stating so. CA certificates come pre-installed on most web browsers. To view a list of Trusted Root CA Certificates (aka Single Root Certificates) stored on your browser, navigate to the following: Tools > Internet Options > Content > Certificates > Trusted Root Certification Authorities How Digital Certificates are used in an SSL Transaction Figure 1.3 - How Digital Certificates are used in an SSL Transaction. The SSL "Handshake" is the process of identifying the two parties that want to establish an SSL connection is complete, and a secure communications "pipe" has been established. The entire process happens transparently and takes only seconds - as illustrated in Figure 1.3. Currently, browsers such as Internet Explorer and Netscape do not distinguish between high-assurance (authenticated) and low-assurance (unauthenticated) certs. A visitor must click on the padlock icon (or authentic seal) to view validation and authenticity of the Web site provided by a Certificate Authority (if any). Authentication For added security and trust, authentication by a third-party is recommended. Encryption is not enough. Anyone can use encrypt with SSL by self-signing a certificate, and some 'authorities' even distribute unauthenticated certificates. Authentication means that a trusted authority can prove that you are who you say you are. A secure Web site involves both encryption AND authentication from a trusted Certificate Authority. Authentication ? Typically, the "signer" is a Certificate Authority (CA). However, some are not CAs, and many are even self-signed by merchants and scam-artists themselves. And some companies who state they're a CA, provide unauthenticated SSL certificates, ie their certificate isn't trusted and they don't use chainedSSL to inherit trust from trusted root certificates. This practice exposes users to the risks of false online storefronts. Authentication - Key Points Authenticated SSL certificates enable a Web site visitor to: Securely communicate with the Web site, such that info. cannot be intercepted (confidentiality) or altered without detection (integrity). Verify that the user is actually visiting the company's Web site and not an imposter's site. Seeing a padlock icon is not enough ? You need to view the certificate to see what authentication methods (if any) have been used. Sending info. with SSL encryption without authentication from a trusted third-party (a CA), can be likened to sending a confidential letter to the wrong address. Table 1.3 - Authentication - Key Points. How Authenticated SSL Works Certificate authorities use a variety of methods to authenticate a business. For example, Verisign use manual verification of an organization's validity. Their checks include: Confirmation that the organization named in the certificate has the right to use the domain name included in the certificate Confirmation that the the organization named in the certificate is a legal entity Confirmation that the individual who requested the SSL cert. on behalf of an organization has the right to do so Manual validation usually involves the requesting company to fax in various documents. This process can take several days or longer - but is the most thorough of authentication methods. Some CAs only validate the right of an entity's right to use a domain name - not a very reliable method. Manual validation ? Validation of domain name ownership and business legitimacy. Send in/Fax documents to the Certificate Authority. Can take 2, 4 days or longer. Automatic Validation ? Many companies are cutting their costs considerably (and offering far cheaper SSL certs.) by using automatic validation methods. These use computers, databases and automated routines to check business legitimacy. Common automatic validation methods include a) Domain control validation b) ChoicePoint (Equivalent to Dun and BradStreet) - visit www.choicepoint.com. c) Automated Telephony, whereby they'll give your number a call to validate address etc. Before requesting an SSL certificate from an authority, be sure to find out what is required for your business to be authenticated and how long it will take. Automated validation can take just minutes or a day or less. Applying for an SSL - The Certificate Signing Request A Certificate Signing Request (CSR) is a public key that you (or your Web hosting provider if you don't have root access to your Web server) generate on your server that validates the computer-specific information about your Web server and organization. You need to generate a CSR request and paste the resulting code into a CA's SSL enrollment form. How you generate your Certificate Signing Request will depend on your Web server and set-up. You can usually find step-by-step guides on how to generate a CSR in your Web server documentation or documentation provided by a Certificate Authority. Verisign's Apache Server with Modssl CSR guide is one such example walking you through the process of generating a CSR. If you are a merchant and wish to use your own SSL certificate, then contact your Web host and they should set you up with a unique IP address (which is required for a SSL), and generate a CSR for you. You generate the private key (which you keep secret) and also the CSR (which you send off to the CA) A CSR request looks something like this: -----BEGIN CERTIFICATE REQUEST----MIIBPTCB6AIBADCBhDELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2Fw ZTESMBAGA1UEBxMJQ2FwZSBUb3duMRQwEgYDVQQKEwtPcHBvcnR1bml0aTEYMBYG A1UECxMPT25saW5lIFNlcnZpY2VzMRowGAYDVQQDExF3d3cuZm9yd2FyZC5jby56 YTBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQDT5oxxeBWu5WLHD/G4BJ+PobiC9d7S 6pDvAjuyC+dPAnL0d91tXdm2j190D1kgDoSp5ZyGSgwJh2V7diuuPlHDAgEDoAAw DQYJKoZIhvcNAQEEBQADQQBf8ZHIu4H8ik2vZQngXh8v+iGnAXD1AvUjuDPCWzFu pReiq7UR8Z0wiJBeaqiuvTDnTFMz6oCq6htdH7/tvKhh -----END CERTIFICATE REQUEST----Once the verification has been done, the CA signs-off on the public key. The Public key then comes back to the Webmaster (or host), who then loads it into the Web server. As soon as both the private and public keys (a matching pair) align perfectly, the SSL will start functioning. For each SSL session, the client sends the server a session key (40-bit, 128-bit) encrypted using the server's public key. How to tell if a Web site is Authentic? Internet Explorer and Netscape Navigator browsers have built-in mechanisms to prevent users from submitting their information over unauthenticated channels (as do other browsers). Netscape's default is to show alert the user when they request an encrypted page using SSL. The 'warning box' will also tell you if there are any problems with the certificate too. IE, Netscape and most likely many other browsers display warnings if you try to submit secure info. on an SSL page when there's a problem with the certificate. A 'problem' is usually one of the following: a) Not trusted by a recognized CA. b) The certificate doesn't match the domain c) Going to a different domain (usually when using SSL - whether this displays or not depends on the browser).