{"id":214,"date":"2016-07-30T12:56:43","date_gmt":"2016-07-30T09:56:43","guid":{"rendered":"https:\/\/community.virtono.com\/?p=214"},"modified":"2016-07-30T12:56:43","modified_gmt":"2016-07-30T09:56:43","slug":"secure-socket-layer-ssl","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/knowledgebase\/secure-socket-layer-ssl\/","title":{"rendered":"Secure Socket Layer (SSL)"},"content":{"rendered":"<ul>\n<li>SSL stands for Secure Socket Layer.<\/li>\n<li><em>Secure Socket Layer<\/em> (SSL) technology allows web browsers and web servers to communicate over a secure connection<\/li>\n<li>Originally developed by Netscape, SSL has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers.<\/li>\n<li>Responsible for the emergence of<\/li>\n<\/ul>\n<p>e-commerce, other security sensitive\u00a0\u00a0\u00a0 services on the web<\/p>\n<ul>\n<li>\nThe SSL protocol runs above TCP\/IP and below higher-level protocols such as HTTP or IMAP<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><img data-recalc-dims=\"1\" loading=\"lazy\" decoding=\"async\" data-attachment-id=\"215\" data-permalink=\"https:\/\/www.virtono.com\/community\/knowledgebase\/secure-socket-layer-ssl\/attachment\/1-4\/\" data-orig-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-3.png?fit=624%2C215&amp;ssl=1\" data-orig-size=\"624,215\" data-comments-opened=\"1\" data-image-meta=\"{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}\" data-image-title=\"1\" data-image-description=\"\" data-image-caption=\"\" data-medium-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-3.png?fit=300%2C103&amp;ssl=1\" data-large-file=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-3.png?fit=624%2C215&amp;ssl=1\" class=\"wp-image-215 aligncenter\" src=\"https:\/\/i0.wp.com\/community.virtono.com\/wp-content\/uploads\/2016\/07\/1-3-300x103.png?resize=440%2C151&#038;ssl=1\" alt=\"1\" width=\"440\" height=\"151\" srcset=\"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-3.png?resize=300%2C103&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-3.png?w=624&amp;ssl=1 624w\" sizes=\"auto, (max-width: 440px) 100vw, 440px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p><strong>Why SSL?<\/strong><\/p>\n<p>SSL addresses the following important security considerations.<\/p>\n<ul>\n<li><strong>Authentication<\/strong>: During initial attempt to communicate with a web server over a secure connection, that server will present your web browser with a set of credentials in the form of a server certificate. The purpose of the certificate is to verify that the site is who and what it claims to be.<\/li>\n<li><strong>Confidentiality<\/strong>: When data is being passed between the client and the server on a network, third parties can view and intercept this data. SSL responses are encrypted so that the data cannot be deciphered by the third party and the data remains confidential.<\/li>\n<li><strong>Integrity<\/strong>: When data is being passed between the client and the server on a network, third parties can view and intercept this data. SSL helps guarantee that the data will not be modified in transit by that third party.<\/li>\n<\/ul>\n<p><strong>What SSL Provides?<\/strong><\/p>\n<ul>\n<li>Confidentiality (Privacy)<\/li>\n<li>Data integrity (Tamper-proofing)<\/li>\n<li>Server authentication (Proving a server is what it claims it is)<\/li>\n<li>Optional client authentication &#8211; Would be required in B2B\/B2C (or Web services environment in which program talks to program<\/li>\n<\/ul>\n<p><strong>SSL and Authentication<\/strong><\/p>\n<ul>\n<li><strong>Server Authentication:<\/strong><\/li>\n<\/ul>\n<p>Server needs to provide its own certificate to a<\/p>\n<p>client in order to authenticate itself to the client.<\/p>\n<p>A Web server typically has a CA-signed certificate\u00a0 and it provides to its clients.<\/p>\n<ul>\n<li><strong>Client Authentication:<\/strong><\/li>\n<\/ul>\n<p>Client needs to provide its own certificate to a<\/p>\n<p>server in order to authenticate itself to the\u00a0 server.<\/p>\n<ul>\n<li><strong>Mutual Authentication<\/strong><\/li>\n<\/ul>\n<p><strong>SSL and Web-tier Security<\/strong><\/p>\n<ul>\n<li>Encrypted password move from the browser<\/li>\n<\/ul>\n<p>to the web server<\/p>\n<ul>\n<li>Encrypted data move between the browser<\/li>\n<\/ul>\n<p>and the web server<\/p>\n<ul>\n<li>Server authentication<\/li>\n<\/ul>\n<p>\u2013 Done before encrypted data transfer occurs<\/p>\n<ul>\n<li>Client Authentication<\/li>\n<\/ul>\n<p>\u2013 Not used in most cases<\/p>\n<p>&nbsp;<\/p>\n<p><strong>What is a Certificate?<\/strong><\/p>\n<ul>\n<li>A certificate is a digitally-signed statement from one entity (person, company,<\/li>\n<\/ul>\n<p>etc.), saying that the public key (and some other information) of some other<\/p>\n<p>entity has a particular value. So in a sense, it is like digital version of your ID<\/p>\n<p>card such as driver&#8217;s license.<\/p>\n<ul>\n<li>A certificate is cryptographically signed and is practically impossible for anyone else to forge<\/li>\n<li>A certificate can be purchased from (signed by) a well-known CA (Certificate Authority) like Verisign<\/li>\n<li>A certificate can be self-signed when authentication over the internet is not really a concern for example, an administrator may simply want to ensure that data being transmitted and received by the server is private and cannot be snooped by anyone eavesdropping on the connection, that is only data privacy and integrity are important.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>What is Server Certificate?<\/strong><\/p>\n<ul>\n<li>A server certificate is a container that contains server&#8217;s public key and other miscellaneous information<\/li>\n<li>Web server must have an associated certificate for each external interface, or IP address, that accepts secure connections. This provides\u00a0 some kind of reasonable assurance that its owner is who you think it is<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><strong>Why Server Certificate is Needed?<\/strong><\/p>\n<ul>\n<li>Server Certificate enables Server Authentication<\/li>\n<li>Server sends server certificate as part of SSL key handshake<\/li>\n<li>HTTPS service of Tomcat would not work unless a server certificate is installed<\/li>\n<li>Verifies the server&#8217;s identity to the client, before receiving any sensitive information<\/li>\n<\/ul>\n<p><strong>SSL Drawbacks<\/strong><\/p>\n<p>The problems associated with SSL are<\/p>\n<ul>\n<li>It prevents caching.<\/li>\n<li>Using SSL imposes greater overheads on the server and the client.<\/li>\n<li>Some firewalls and\/or web proxies may not allow SSL traffic.<\/li>\n<li>There is a financial cost associated with gaining a Certificate for the server\/subject device<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>SSL stands for Secure Socket Layer. Secure Socket Layer (SSL) technology allows web browsers and web servers to communicate over a secure connection Originally developed by Netscape, SSL has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers. Responsible for the emergence<\/p>\n","protected":false},"author":3,"featured_media":216,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[5],"tags":[],"class_list":["post-214","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledgebase"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/2.jpg?fit=376%2C286&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-3s","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":230,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/steps-to-install-ssl-certificate-on-apache-web-server\/","url_meta":{"origin":214,"position":0},"title":"Steps to Install SSL Certificate on Apache Web Server","author":"Daniel Draga","date":"July 30, 2016","format":false,"excerpt":"SSL stands for Secure Socket Layer. Secure Socket Layer (SSL) technology allows web browsers and web servers to communicate over a secure connection. What is a Certificate? A certificate is a digitally-signed statement from one entity (person, company, etc.), saying that the public key (and some other information) of some\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/ic.jpg?fit=1200%2C628&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/ic.jpg?fit=1200%2C628&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/ic.jpg?fit=1200%2C628&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/ic.jpg?fit=1200%2C628&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/ic.jpg?fit=1200%2C628&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":942,"url":"https:\/\/www.virtono.com\/community\/news-announcements\/web-pages-not-served-via-https-will-be-marked-not-secure-in-google-chrome-and-mozilla-firefox-are-you-prepared\/","url_meta":{"origin":214,"position":1},"title":"Web pages not served via HTTPS will be marked \u2018not secure\u2019 in Google Chrome and Mozilla Firefox. Are you prepared?","author":"Virtono","date":"May 18, 2017","format":false,"excerpt":"Browsers are changing, are you prepared? Web pages not served via HTTPS will be marked \u2018not secure\u2019 in Google Chrome and Mozilla Firefox. Could your website be one of them? As the world's most popular browsers, this will affect nearly 70% of global internet traffic and other browser companies will\u2026","rel":"","context":"In &quot;Announcements&quot;","block_context":{"text":"Announcements","link":"https:\/\/www.virtono.com\/community\/category\/news-announcements\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/05\/https.png?fit=1197%2C854&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/05\/https.png?fit=1197%2C854&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/05\/https.png?fit=1197%2C854&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/05\/https.png?fit=1197%2C854&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/05\/https.png?fit=1197%2C854&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":2877,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/how-to-install-cwp-centos-web-panel-on-centos-8\/","url_meta":{"origin":214,"position":2},"title":"How to install CWP (CentOS Web Panel) on Centos 8","author":"George B.","date":"July 28, 2022","format":false,"excerpt":"What Is CWP? CentOS Web Panel (CWP) is a web hosting control panel. It's a no-cost alternative to cPanel. It has an easy-to-use interface and a variety of other features for beginners who want to set up and manage hosting servers. Using CWP is simple and convenient because you don't\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/Screenshot-2022-07-21-at-16.19.14.png?fit=1057%2C704&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/Screenshot-2022-07-21-at-16.19.14.png?fit=1057%2C704&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/Screenshot-2022-07-21-at-16.19.14.png?fit=1057%2C704&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/Screenshot-2022-07-21-at-16.19.14.png?fit=1057%2C704&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2022\/07\/Screenshot-2022-07-21-at-16.19.14.png?fit=1057%2C704&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1152,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/set-up-the-ftp-server-under-debian\/","url_meta":{"origin":214,"position":3},"title":"Set up the FTP server under Debian","author":"Shreyash Sharma","date":"October 23, 2017","format":false,"excerpt":"ProFTPD\u00a0is a widely-used, well-configurable FTP server for UNIX-based operating systems.\u00a0This article shows the\u00a0installation and configuration of ProFTPD\u00a0in version 1.3.5b-4 on\u00a0Debian\u00a0Linux.\u00a0In the example shown, a TLS encryption is configured on the FTP server to encrypt the communication between the FTP client (eg FileZilla) and the FTP server ProFTPD.\u00a0Debian Stretch 9 was\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/unnamed.png?fit=300%2C300&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]},{"id":952,"url":"https:\/\/www.virtono.com\/community\/news-announcements\/hosting-website-with-caddy-on-ubuntu\/","url_meta":{"origin":214,"position":4},"title":"Hosting Website with Caddy on Ubuntu","author":"Daniel Draga","date":"June 7, 2017","format":false,"excerpt":"Introduction \u00a0 Caddy is the new trend. Caddy is the new web server. It\u2019s uncomplicated and it\u2019s great to be used for \u00a0environment production. It contains an helpful automatic TLS encryption. \u00a0It also features an instinctive configuration file, HTTP\/2 support. The HTTP\/2 of Caddy is the new version of HTTP\u2026","rel":"","context":"In &quot;Announcements&quot;","block_context":{"text":"Announcements","link":"https:\/\/www.virtono.com\/community\/category\/news-announcements\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/how-to-install-caddy-on-ubuntu-16-04.jpg?fit=1200%2C600&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/how-to-install-caddy-on-ubuntu-16-04.jpg?fit=1200%2C600&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/how-to-install-caddy-on-ubuntu-16-04.jpg?fit=1200%2C600&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/how-to-install-caddy-on-ubuntu-16-04.jpg?fit=1200%2C600&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/06\/how-to-install-caddy-on-ubuntu-16-04.jpg?fit=1200%2C600&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1876,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/understanding-pop3-imap-and-smtp-for-beginners-in-depth\/","url_meta":{"origin":214,"position":5},"title":"Understanding POP3, IMAP, and SMTP for Beginners  In-Depth","author":"Shreyash Sharma","date":"September 21, 2020","format":false,"excerpt":"If you\u2019re thinking how email works, understanding the differences between POP3 vs IMAP and the part of SMTP is a wonderful place to begin. This tutorial will clarify all of those parts in layman conditions and how they function, therefore buckle up and continue reading! You should try out creating\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2020\/09\/800-email-pop3-smtp-imap.jpg?fit=800%2C360&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2020\/09\/800-email-pop3-smtp-imap.jpg?fit=800%2C360&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2020\/09\/800-email-pop3-smtp-imap.jpg?fit=800%2C360&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2020\/09\/800-email-pop3-smtp-imap.jpg?fit=800%2C360&ssl=1&resize=700%2C400 2x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/214","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=214"}],"version-history":[{"count":1,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/214\/revisions"}],"predecessor-version":[{"id":217,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/214\/revisions\/217"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/216"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}