What Is SSL And How Does It Function?

SSL Certificates

Many of the financial institutions online, government offices and corporate offices utilize a particular encryption termed as Secure Sockets Layer also called the SSL security certificate. Now what exactly is SSL? To transmit data that is sensitive over networks that are insecure like the web, this encryption method called the SSL is used.

Two keys are used in this service, known as Public Key that encrypts data and the other Private Key that not only decrypts data but also creates Public Key. It is possible to have a secure email transaction on the web that is fully secured by using the above keys in two sets. It must be noted that both the parties involved in the transaction should have the Public Key of the other.

Prevention of MITM Attacks
To ensure verification of the Public Key the SSL digital certificate comes into the picture. It helps in making sure that there is no tampering done with the Public Key. Attacks by Man in the Middle or the MITM are prevented due to this. Otherwise the MITM is an attacker who first captures the data and then makes certain modifications in the data while it is in transit.

To make sure that the security certificate proves to be of best use, the SSL certificates have to be trusted as well otherwise in the certificate too modifications could be made by the attacker like they would do in the case of Public Keys. With the availability of Certificate Authorities or the CAs there is no need for end users to do the verification manually.

Signed Duly By CA
The certificates SSL are duly signed by the CAs thus allowing users to browse in a normal way with the transaction being well secured in the process. The SSL Certificate could be signed with any website that is reliable. There are a number of popular websites which can be termed as reliable these days since they use the SSL Certificates.

Even the strongest of encryption can be handled well by the fastest of computers in today's times due to the provision of SSL certificates. When the certificate is signed by the CA it must be installed. Procedures for installing the SSL digital certificate is quite simple and need just a few changes to be made in the dedicated server that is being secured.

Expiry Date Is Important
Once the certificate installation is done, till the date of expiry it functions which from the date of issue is, around 12 months. An expiry date is provided in case of theft of a certificate from a site if the server that is being managed becomes compromised. The certificate can be revoked by the CA in such a case and the websites credibility to send a secure email which was secured previously can now be maintained.

Another important thing to note is that the certificates SSL function on domains that have been signed for only. A separate SSL Certificate is applicable for each of the domain names individually. Even if a particular payment has to be made for obtaining the SSL certificate it pays off in a big way when criminals do not capture the data that has been transmitted.

Article Source: http://www.articlesbase.com/web-hosting-articles/what-is-ssl-and-how-does-it-function-6050541.html

About the Author

Jass Sawhney specialises in writing for services in the IT sector. He has in-depth knowledge and experience in the field of web hosting, windows hosting, Linux web hosting, domain names, domain search, domain name search, domain reseller, cloud server, reseller hosting, website builder, website creator, SSL, SSL certificates, SSL digital certificates, business emails and email services among others.

How to Setup a Secure Mail Server?

Email Hosting

Your mail server Internet Protocol could get added to the blacklist if incorrect setting up of DNS is done. If on the spam blacklist you are listed, then all the inbound mail to come, gets blocked when secure mail server is given to the email servers, these days.

If DNS records have to be reversed to the business email server then the MX will have to be configured correctly and this very same principle can be followed for a messaging server of every kind. For the mail servers, to the private address internally, a static IP address has to be set up externally which is the first thing that needs to be assigned for email hosting.

Check the Outgoing NAT Rule
These rules will need to be applied on the firewall so that SMTP or Port 5 can be port forwarded besides which even an external IP address that is NAT is also port forwarded to the server’s internal address. One thing that is generally forgotten by many of the administrators is doing or checking if the NAT rule that is outgoing is set to use the very same IP address created externally for the inbound rule to the webmail server.

When this setting is not done then the reverse DNS does not match and in turn blacklisting of your email server is done on the list. When setting up of the firewall rules is done correctly the listed IP address on the page should be very similar to the IP address that has been mapped to the email server’s private IP address that is set up internally.

Need For an Administrative Contact for Making Changes
What do you have to do if for your business email server MX records have to be created? For your DNS provider for the domain there will need an administrative contact for making the changes. Via a control panel on the internet through a provider for DNS this can be done. If this is not done then the changes will have to be made via email or the phone.

A record for pointing the IP address that is mapped externally is first created on the webmail server’s firewall, called the mail. To point the A record created for the email service, an MX record can now be created. Now ‘add MX record’ will have to be selected in the DNS control server and as A record now set the FQDN but make sure that the lowest property is preferred.

Check Whether the MX and DNS Records Have Been Applied
The next thing to do is checking whether the MX and DNS records have been applied and for this you will have to use NS look up. Next the reverse DNS will have to be configured and then verified. An SMTP Banner will be shown each time a connection is established by the external email server with your server for email hosting.

It is important for the banner to be resolvable on the internet and hence to have it as an A record mail host is the best practice. Accordingly the SMTP Banner Exchange can be configured. Once this is done you will need to check if on the spam list or on in an open relay, the secure mail server is listed or not.