5.2. Sending Encrypted Data with Secure Sockets Layer

Secure Sockets Layer, or SSL, is the industry-standard technique for sending encrypted information over public networks. It's a conglomeration of technologies that all work together to guarantee that messages haven't been intercepted or altered en route.

5.2.1. Obtaining a digital certificate

As discussed in Chapter 2 of this minibook, digital certificates act as server signatures, assuring users that they're connecting to the server they think they are, and that the organization behind the server is at least minimally legitimate.

A digital certificate doesn't imply that an organization is actually legitimate — meaning that it's engaged in normal, legal, or ethical activities. A digital certificate can assure users only that the Certificate Authority, or CA, has seen valid identification documents and confirmed the identity of the certificate holder.

You have two choices in obtaining a digital certificate:

  • Purchase a commercial certificate from a Certificate Authority.

  • Create and sign your own certificate.

Purchasing a certificate from a commercial CA is certainly the easiest way to obtain a digital certificate, but it's also the most expensive. Verisign and Thawte are the two best-known CAs, but you can find plenty of others that are less expensive. Part of what you pay for with the well-known commercial CAs is name recognition ...
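The second option, creating and signing your own certificate, is shown here as an added example (not code from the book) using PHP's OpenSSL extension. The script then checks that the certificate's issuer is the certificate holder itself, which is why no CA vouches for it. The identity values are constructed placeholders, isSelfSigned() is a hypothetical helper, and openssl_x509_verify() requires PHP 7.4 or later.

```php
<?php
// Constructed sample identity (placeholder values, not from the book).
$dn = [
    'countryName'      => 'US',
    'organizationName' => 'Example Org',
    'commonName'       => 'www.example.test',
];

// 1. Generate the server's key pair.
$key = openssl_pkey_new([
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
    'private_key_bits' => 2048,
]);

// 2. Build a certificate signing request (CSR). A commercial CA would
//    receive this and sign it after checking identification documents.
$csr = $key ? openssl_csr_new($dn, $key, ['digest_alg' => 'sha256']) : false;

// 3. Self-sign: passing null as the CA certificate means the request is
//    signed with its own private key. Valid here for 365 days.
$cert = $csr
    ? openssl_csr_sign($csr, null, $key, 365, ['digest_alg' => 'sha256'])
    : false;
if ($cert === false || !openssl_x509_export($cert, $certPem)) {
    exit('Certificate creation failed: ' . openssl_error_string() . PHP_EOL);
}

// Hypothetical helper: a certificate is self-signed when issuer and subject
// are the same name and the signature verifies against its own public key.
function isSelfSigned(string $pem): bool
{
    $info   = openssl_x509_parse($pem);
    $ownKey = openssl_pkey_get_public($pem);
    if ($info === false || $ownKey === false) {
        return false;
    }
    return $info['issuer'] == $info['subject']
        && openssl_x509_verify($pem, $ownKey) === 1;
}

// Report who is vouching for whom.
$info = openssl_x509_parse($certPem);
printf("Subject CN : %s\n", $info['subject']['CN']);
printf("Issuer CN  : %s\n", $info['issuer']['CN']);
printf("Expires    : %s\n", date('Y-m-d', $info['validTo_time_t']));
printf("Self-signed: %s\n", isSelfSigned($certPem) ? 'yes' : 'no');
```

With a certificate bought from a commercial CA, the issuer name would be the CA's rather than a copy of the subject, and isSelfSigned() would return false.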
