What is SSL?
SSL (Secured Sockets Layer), and its successor TLS (Transport Layer Security), are cryptographic protocols used to secure and encrypt sensitive information like credit card numbers, usernames, passwords, and other private data sent over the internet. You will know a web site is using SSL because it will take you to a URL that begins with https.
SSL was originally released in 1995, with TLS following in 1999 to correct security flaws with the initial versions of SSL. Although the last version of SSL was deprecated in June, 2015, many individuals still refer to both protocols as “SSL”.
How Do SSL and TLS Secure My File Transfers?
These protocols’ primary function is to ensure privacy (also known as security) and data integrity during data transfer.
- Privacy is assured due to the creation of unique encryption generated for each connection during the initial server and client handshake
- Data Integrity is assured due to the use of cryptographic keys to verify the identities of the client and server, along with message authentication codes that ensure any data loss or alteration will be flagged
Why Should I Use SSL?
Unless the connection between the browser and the server is encrypted using a security protocol such as SSL, any private information being transferred is vulnerable to being hacked and intercepted.
SSL should ideally be used for any online data transmissions, but should always be used for:
- Any payments or other transactions involving credit cards or bank account numbers
- Back-end administration for websites and webmail/email
- Cloud-based or web-accessible system logins and passwords
- Corporate file and data transfers
- Transmission of sensitive personal information such as social security numbers, dates of birth, electronic Personal Health Information, etc.
More and more businesses are demanding SSL’s usage, with probably the most visible being Google Chrome’s decision to mark HTTP site as “not secure” in an effort to increase SSL’s adoption.
SSL Certificates (HTTP vs HTTPS)
You can tell when you are using a secure protocol if you see “https” at the beginning of the address bar instead of “http”. When you’re accessing sensitive information, such as an online bank account or a payment transfer service, you’ll know your information will pass along securely because of the “https”.
To generate this secure URL, the TLS/SSL use certificate authorities to ensure security. Once your browser becomes “https” the browser then checks that the certificate is valid and comes from a trusted source.
Site owners have several options to create or purchase an SSL certificate to enable SSL/TLS connections between FTP and HTTP clients. We have provided help for the most common security certificate installations for Cerberus FTP server here:
- Installing a Self-Created or Third Party Security Certificate in Cerberus FTP Server
- Creating a Certificate Signing Request in Cerberus FTP Server
We hope that you found this overview of SSL valuable. You can find out more about all aspects of Cerberus FTP Server SSL/TLS here.