SSL is a acronym for Secure Sockets Layer, a protocol and mechanism for a web browser and a server to safely exchange information. The server encrypts the information going to the web browser and provides the browser with the necessary data to decrypt the received information. This provides a secure channel for the browser and server to exchange information. The secure channel is the Secure Sockets Layer, or SSL.
Before the server and browser exchange the desired information, the server must identify itself to the browser so that the browser (requestor) can determine that the server is the one that the browser, being used by the online shopper for example, intends to contact. The server provides to the browser specific information about the owner of the server and other identifying data. This information comprises the SSL Certificate.
Whenever a user contacts a secure server, the browser has a couple of different ways to show that it is accessing a server through an SSL. One way is that the browser page tab or the address bar changes color, usually to a soft yellow or bright green:
click to enlarge
Whenever a user contacts a secure server, the browser has a couple of different ways to show that it is accessing a server through an SSL. One way is that the browser page tab or address bar changes color, usually to a soft yellow or dark green. The image at the left shows a Bank of America login page URL. Note that the left portion of the URL address bar is dark green; also note that the URL prefix is "https" instead of "http". The added 's' indicates that the page is accessed via SSL.
click to enlarge
This image to the left presents another view of a secure page. Here the browser displays the URL address bar in a soft yellow shade. The URL prefix is again "https", also indicating the SSL page access. Note the small padlock icon at the extreme right end of the URL address bar. Some browsers display the padlock icon in the URL address bar, as shown here; other browsers display the padlock icon along the bottom of the browser in the status bar.
click to enlarge
Clicking on the padlock icon displays an introductory spash screen with a summary of the SSL certificate information. Here, the screen shows that Bank of America is the verified owner of the site being visited; the screen also shows that this connection provides 128-bit encryption for the data exchanged between the B of A server and the web browser. The bottom pane shows a brief history of your browser's most recent visit to that site. Clicking over the "Certificate Information" button at the bottom left of the screen displays information from the SSL certificate, as shown in the image below.
click to enlarge
The viewer can verify this information and determine to proceed with the intended transaction.
