When you see padlock in address bar, URL with https:// prefix means that website is having SSL Certificate and communication between you and web would be safe. HTTPS is used to transmit the sensitive information securely over the internet. The question is How encrypts the data in HTTPS?
We need key to lock or unlock the door. Same way SSL (secure sockets layer) Certificate needs keys to lock and unlock the data.
SSL Consists Of Two Keys:
- The Public Key is used to encrypt the information.
- The Private Key is used to decrypt the information and translate it in to original format so it can be read.
How Does It Work?
The SSL certificate is issued for a specific server and the domain name. SSL certificates are delivers by SSL Certificate Authorities. When a person uses any browser to navigate the website having SSL certificate than SSL handshake takes place between browser and server. First, the browser requests that the web server identify it, the server sends a copy of its SSL certificate. Then the browser will check whether it is valid or not if yes then sends a message to the server. After that, the server sends back a digital certificate to start the SSL encrypted session. Only encrypted data is shared between the server and a browser.
SSL encryption applies two keys named Public key and Private Key. Both keys are similar in nature but their usage is different. Even these keys length may vary in terms of bits. The more the key is lengthy; it is hard to break it. The receiver uses public key to encode the message or data while a private key is used to decrypt the data. It assures that the message is original and encrypted by your private key.
In the opposite, you can certify that a message is only coming from you, because you have encrypted it with you public key, and only the associated private key will decrypt it correctly.