Secure Socket Layer
SSL stands for secure socket layer protocol. Netscape firstly designed this protocol for secure transaction. In the beginning it was only used between the web servers and browsers. In this protocol a third party is involved, which is called Certificate Authority (CA). This third party makes out the both end transactions. You have to buy IIS SSL certificate in order to secure your site. When you host a site, ensure that you are hosting your site on secure server hosting. There are many companies that provide cheap ssl certificates. But the Richmond SSL certificates are considered best all over the world.

Working Of SSL
Following are some points discuss that how digital SSL certificates work?

• Firstly the browser sends a request for a secure page. The URL you type in the browser.
  
• In response the web server returns the public key with the certificate.
  
• After taking the certificate the browser check that this is a valid ssl security certificate issued by some trusted party.
  
• After verification, the browser use the public key to encrypt the data and send this encrypted data to the server along with some other important HTTP data.
  
• After receiving this encrypted data from the browser, the web server de-crypt the data by using the private key.
  
• After this the web server returns the requested data, which is also encrypted.
  
• The browser receives this data and decrypts it by using a symmetric key and shows you the information.

Private Key/Public Key
Private Key and public key are the two main points, which ensure the data encryption. The data is encrypted by using one key and decrypted by using another key. In digital SSL certificate the data can only be decrypt with the private key. The public key is distributed to every one, so that every one can encrypt the data. But the private key is kept in secret, so that only you can decrypt the data. The data you will encrypt will only be correctly decrypted with the help of public key. To know the public key of your opponent, your correspondent will send you a message, which contains the public key along with the certificate.

The Certificate
How do you know that you are dealing with the right person or rather the right web site? To ensure this the certificate authority keep all the information of the users such as the name of owner, the e-mail id, the use of certificate, duration of the certificate, and other necessary information’s. This certificate does not hold the private key; this key does not transfer in any situation. This certificate contains all the information and encrypted message, when it receives by the owner. The owner then decrypts this message by using private key.