One of the most important components of an online business is creating a trusted environment where prospective customers feel safe when making a purchase. The SSL certificate creates a foundation of trust by building a secure connection. To ensure visitors their connection is secure, the browser provides special visual cues that we call EV indicators - anything from a green padlock to a branded URL bar.
The SSL certificate has a key pair (KEY): there is a public key and a private key. These keys work together to make an encrypted connection. The certificate also contains what is called a "subject," which is the identity of the certificate owner / website.
To get a certificate, you must create a Certificate Signing Request (CSR) on your server. This process creates a private key and public key on your server. The CSR data file that you send to the publisher's SSL Certificate (called a Certificate Authority or CA) contains a public key. CA uses CSR data files to structure data to fit your private key without reducing the key itself. CA never sees a private key.
After you receive an SSL certificate, you install it on your server. You also install an intermediary certificate that establishes the credibility of your SSL Certificate by binding it to your CA root certificate. The instructions for installing and testing your certificate will differ depending on your server.
Can we make SSL by ourselves?
The answer is of course you can, but the most important part of the SSL certificate is that the certificate was digitally signed by a trusted CA. Anyone can create a certificate, but the browser only trusts certificates that come from organizations in their trusted CA list. The browser is equipped with a list of trusted CAs that were previously installed, known as Trusted Root CAs. To be added to Trusted Root CA and thus become a Certificate Authority, the company must comply with and be audited against the security and authentication standards set by the browser.
An SSL certificate issued by a CA for an organization and domain / website verifies that a trusted third party has authenticated the organization's identity. Because the browser trusts CA, the browser now also believes in the identity of the organization. Browsers allow users to know that the website is safe, and users can feel safe browsing the site and even entering their confidential information such as credit or debit card numbers.
