✊1. Project security

SSL security certificate — one of the prerequisites for effective promotion of a site on the Internet and user trust. This is a sign of the security and reliability of a web resource, to which you can transfer your data with greater confidence. In 2020, Google announced that the presence of an SSL certificate will significantly affect rankings. And if earlier only a part of webmasters used the service, now it is difficult to find a site that does not have an SSL certificate. After you have purchased a domain and hosting, uploaded the site and configured its operation, the first thing you need to take care of is the purchase or creation of a free SSL certificate.

What is an SSL certificate? SSL certificate – is a secure data encryption protocol. It protects information exchanged between users and the site from interception. This is all data that passes through site traffic, but the most important thing is to ensure the safety of personal passwords and bank card data (expiration date, CVV). Therefore, the presence of a security certificate plays the greatest role for the banking sector, online stores and other industries where financial transactions are carried out. But even where there are accounts (forums, social networks, sites with registration), it is important that logins and passwords do not fall into the hands of unauthorized people. These can be not only attackers, but also employees who service the network, wi-fi or server. There are many intermediate nodes through which data can be intercepted. Therefore, their protection plays a huge role. The certificate looks like a file with code, it is something like a digital signature of the site. It is used as confirmation that the client is interacting with the specified site, and not with a hacker who can answer instead of the server. But the server cannot confirm to itself that the site really exists and is secure. You wouldn't believe the first person you meet on the street whose name is George Washington, would you? To identify yourself, you will be asked to present a passport issued by a special institution, a passport desk. An SSL certificate is a site passport issued by a certification center.

How an SSL certificate works. To better understand the principle of SSL, you need to know what http is and how it differs from https. When the Internet first appeared, http - the hypertext transfer protocol - was used to exchange information between a site visitor and a server. The principle is as follows: the client sends a request, the server processes it and returns a response. This is how data is transmitted now, but to protect it, a new protocol was introduced, https, where the last letter stands for security - protected. This is not a new transmission method, but simply an extended http using the SSL/TLS encryption protocols. These technologies encrypt and decrypt data using cryptographic keys. SSL is an earlier method of encrypting data, TLS is its continuation. How does secure connection technology work? In essence, it is a clever way to establish a closed connection over an open channel. When the user's browser and the site (server) first contact each other, the two parties first exchange a "handshake": The client sends a hello message. The server responds and sends the site's security certificate. The browser checks the certificate through the root certificate database built into the system or browser. After that, the two parties, using a public key (on the client side) and a private key (on the server side), jointly generate a secret key with which they will perform encryption. This is a rather simplified scheme to provide a generalized understanding of the process. A complex and multi-stage technology is used to generate the secret key, otherwise anyone could crack it. How to check the SSL certificate on a website It is very easy to see whether a certificate is available or not. If there is a certificate, a closed padlock and the inscription https will be visible in the address bar next to the domain name. If there is no certificate, the letters https will be crossed out in red, and next to the domain you will see an exclamation mark in a triangle or a crossed out padlock. Depending on the browser, the icons may differ. By clicking on the icon to the left of the domain, you will understand exactly whether the site has a certificate or not. But how do you know how reliable a certificate is and whether you can trust the site that uses it? To do this, you can use online services: SSL Shopper Wormly ImmuniWeb The services are in English, but they can be translated using the built-in Google Chrome translator. They perform a deep analysis of the certificate, check the security level, expiration date, and other parameters. We used the SSL Shopper service to check two domains - the Cityhost site and a resource that runs on the http protocol. As we can see, in the second case, the service “argues” that the certificate has long expired.