To be able to create an SSL connection, a web server requires an SSL Certificate. When  activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key.

The Public Key does not need to be secret and is placed into a Certificate Signing Request (CSR) - a data file also containing your details. You should then submit the CSR. During the SSL Certificate application process, the Certification Authority will validate your details and issue an SSL Certificate containing your details and will allow you to use SSL. Your web server will match your issued SSL Certificate to your Private Key. Your web server will then be able to establish an encrypted link between the website and your customer's web browser.

The complexities of the SSL protocol remain invisible to your customers. Instead, their browsers provide them with a key indicator to imform them that they are currently protected by an SSL encrypted session. The lock icon appears in the lower right-hand corner, and clicking on the lock icon displays your SSL Certificate and its details. All SSL Certificates are issued to either companies or legally accountable individuals.

Typically, an SSL Certificate contains your domain name, company name, and the address. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate. When a browser connects to a secure site, it will retrieve the site's SSL Certificate and check for three things: an expiration date, a certified issuer, and that it is being used by the website for which it has been issued. If it fails on any one of these checks, the browser will display a warning to the end user letting them know that the site is not secured by SSL.