# SSL (Secure Sockets Layer)

<figure><img src="/files/JqapGMHgxF6hLsEWLblH" alt=""><figcaption><p><a href="https://www.cloudflare.com/en-ca/learning/ssl/what-is-ssl/">https://www.cloudflare.com/en-ca/learning/ssl/what-is-ssl/</a></p></figcaption></figure>

## SSL (Secure Sockets Layer) Overview

* SSL is an encryption-based security protocol developed by Netscape in 1995.
* Ensures privacy, authentication, and data integrity in online communications.
* SSL is the predecessor to **TLS (Transport Layer Security)**, the modern encryption standard.

## How SSL/TLS Works

1. **Data Encryption**:
   * SSL encrypts data transmitted over the internet, making intercepted data unreadable.
2. **Authentication**:
   * SSL initiates a **handshake** process to verify the identity of both communicating devices.
3. **Data Integrity**:
   * SSL digitally signs data, ensuring that it hasn’t been tampered with during transmission.

## Importance of SSL/TLS

* Originally, data was transmitted in **plaintext**, vulnerable to interception.
* SSL encrypts sensitive information (e.g., credit card numbers) to prevent theft.
* Authenticates websites to avoid **phishing** attacks and ensures data isn’t altered.

## SSL vs TLS

* **TLS** (Transport Layer Security) is the updated version of SSL, introduced in 1999.
* SSL 3.0 (last version of SSL) is deprecated due to known vulnerabilities.
* Most websites now use TLS, although many still refer to it as **SSL**.

## SSL Certificates

* Websites must have an **SSL certificate** (technically a TLS certificate) to implement SSL/TLS encryption.
* **Public key** encryption is used for establishing secure communication.
* SSL certificates are issued by trusted **Certificate Authorities (CAs)**.

### Types of SSL Certificates

* **Single-domain**: Covers one domain (e.g., [www.example.com](http://www.example.com/)).
* **Wildcard**: Covers one domain and all its subdomains (e.g., [www.example.com](http://www.example.com/), blog.example.com).
* **Multi-domain**: Covers multiple unrelated domains.

### SSL Certificate Validation Levels

1. **Domain Validation (DV)**:
   * Basic level; verifies control of the domain.
2. **Organization Validation (OV)**:
   * More involved; CA directly contacts the organization.
3. **Extended Validation (EV)**:
   * Highest level; requires a full background check of the organization.

## Obtaining an SSL Certificate

* **Cloudflare** offers free SSL certificates with easy setup.
* Some websites may need additional setup for their origin servers.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://notes.mikaelsamvelian.com/linux-fundamentals/networking/ssl-secure-sockets-layer.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.