The Secure Socket Layer (SSL) protocol is used to secure communication by encryption and to authenticate the communicating parties (e.g. between two servers, a web/mail client and a server, etc.). When sending sensitive data, the user is assured that he is communicating with the person he really wanted to communicate with. SSL certificates are usually used by online shops that accept orders and payment card data, www portals with administration for password and data security, projects that are subject to legislative provisions requiring secure transmissions, etc.
Establishing an SSL connection works on the principle of asymmetric encryption. Each of the communicating parties has a pair of encryption keys - public and private.The public key needs to be published, ensuring that it is properly transmitted to anyone who wants to use it. If anyone encrypts a message using this key, it is ensured that only the owner of the public key used can decrypt it with the corresponding private key.
SSL-secured site addresses start with https://. The browser also marks secure sites with a lock icon in the status bar. Modern browsers also display the lock icon in the address bar and underline this bar with different colors (green for fully compliant, yellow or orange for partially compliant [e.g., a compliant certificate but issued for a different domain], red for a non-compliant certificate).The standard port for HTTPS/SSL communication is 443, the standard HTTP port is 80.
Certificates must be renewed as they are limited in validity. The expiration date is stored directly in the certificate and can be viewed, for example, in a web browser. Once a certificate expires, it is automatically considered invalid.