What is an SSL certificate?
An SSL (Secure Sockets Layer) certificate is a type of digital certificate that is used to create a secure connection between a web server and the client user. This secure connection ensures that any data that is communicated is encrypted.
It encrypts the connections between you and the places you visit on the internet so that it becomes almost impossible for any ‘middle man’ to see the data being exchanged. They can still see that traffic is being exchanged, but the data is unreadable to them.
Most websites, and many other kinds of internet traffic such as emails are being now encrypted by default, where previously it was only a few websites such as banks, where encryption was deemed necessary.
When a website has an SSL certificate, it is indicated by a padlock icon in the web address bar and the “https” protocol in the URL.
SSL today doesn’t actually exist! as after version 1.3 it was renamed to TLS (Transport Layer Security), however its the same technology, so the terms are interchangeable.
- SSL 1.0 – never publicly released due to security issues
- SSL 3.0 – released in 1996. Deprecated in 2015 (protocol RFC 6176)
- SSL 2.0 – released in 1995. Deprecated in 2011 (protocol RFC 7568)
- TLS 1.0 – released in 1999 as an upgrade to SSL 3.0, Deprecated in 2021 (protocol RFC 8996)
- TLS 1.1 – released in 2006. Deprecated in 2021 (protocol RFC 8996)
- TLS 1.2 – released in 2008
- TLS 1.3 – released in 2018
*All versions of SSL have been found vulnerable, and they all have been deprecated, and TLS 1.0 & 1.0 have also been phased out by Microsoft and Apple.
All these certificates using the X.509 protocol originally given in RFC 1422, and later in RFC 5280