SECURITY TOPICS

How SSL/TLS Works 

Symantec SSL Certificates provide solutions that allow companies and consumers to engage in communications and commerce online with confidence.

What Happens When a Browser Encounters SSL

  • A browser attempts to connect to a website secured with SSL.
  • The browser requests that the web server identify itself.
  • The server sends the browser a copy of its SSL Certificate.
  • The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
  • The server sends back a digitally signed acknowledgement to start an SSL encrypted session.

Why Symantec SSL/TLS?

Website Security

Encryption Protects Data During Transmission

Web servers and web browsers rely on the Secure Sockets Layer (SSL) protocol to help users protect their data during transfer by creating a uniquely encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a key pair as well as verified identification information. When a web browser (or client) points to a secured website, the server shares the public key with the client to establish an encryption method and a unique session key. The client confirms that it recognizes and trusts the issuer of the SSL Certificate. This process is known as the "SSL handshake" and it begins a secure session that protects message privacy, message integrity, and server security.

Credentials Establish Identity Online

Credentials for establishing identity are common: a driver's license, a passport, a company badge. SSL Certificates are credentials for the online world, uniquely issued to a specific domain and web server and authenticated by the SSL Certificate provider. When a browser connects to a server, the server sends the identification information to the browser.

To view a websites' credentials:

  • Click the closed padlock in a browser window
  • Click the trust mark (such as a Norton Secured Seal)
  • Look in the green address bar triggered by an Extended Validation (EV) SSL

Authentication Generates Trust in Credentials

Trust of a credential depends on confidence in the credential issuer, because the issuer vouches for the credential's authenticity. Certification Authorities use a variety of authentication methods to verify information provided by organizations. Symantec, the leading Certification Authority, is well known and trusted by browser vendors because of our rigorous authentication methods and highly reliable infrastructure. Browsers extend that trust to SSL Certificates issued by Symantec.

Extend Protection beyond HTTPS

Symantec SSL Certificates offer more services to protect your site and grow your online business. Our combination of SSL, vulnerability assessment and daily website malware scanning helps you provide site visitors with a safer online experience and extend server security beyond https to your public-facing web pages. The Norton Secured Seal and Symantec Seal-in-Search technology help assure your customers that your site is safe from search to browse to buy.

To learn more about how SSL certificates work and the benefits of implementing SSL on your website, visit our "SSL Explained" interactive resource.

Beginner's Guide to SSL/TLS

SSL/TLS Explained

Whether you are an individual or a company, you should approach online security in the same way that you would approach physical security for your home or business.


This guide will de-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.

READ BEGINNER'S GUIDE
What Is EV SSL?

What Is EV SSL?

Symantec SSL/TLS Certificates with Extended Validation (EV) provide solutions that allow companies and consumers to engage in communications and commerce online with confidence.

Continue Reading

What is SSL, TLS and HTTPS?

What is SSL, TLS and HTTPS?

Learn how SSL, TLS and HTTPS work to protect online information and increase trust in websites.

Continue Reading

FATCA Data with Symantec Secure Site SSL Certificate

FATCA Data with Symantec Secure Site SSL Certificate

The Foreign Account Tax Compliance Act (FATCA) was enacted in 2010 to improve transparency and address
non-compliance by U.S. taxpayers.

Continue Reading

USE CASES

Symantec Website Security Solutions In The Real World

Join the Community

Join the Symantec discussion on Symantec Connect

SYMANTEC CONNECT

Follow Threat Intelligence on Twitter @Threatintel

SYMANTEC ON TWITTER

Watch videos on the Symantec Website Security YouTube Channel

SYMANTEC ON YOU TUBE