SSL (Secure Sockets Layer) is a standard security protocol for establishing encrypted links between a web server and a browser in an online communication.
The usage of SSL technology ensures that all data transmitted between the web server and browser remains encrypted.
SSL or TLS (Transport Layer Security) certificates are data files that bind a cryptographic key to the details of an organization. An SSL certificate is necessary to create SSL connection. You would need to give all details about the identity of your website and your company as and when you choose to activate SSL on your web server. When SSL/TLS certificate is installed on a web server, it enables a secure connection between the web server and the browser that connects to it. The website’s URL is prefixed with “https” instead of “http” and a padlock is shown on the address bar. If the website uses an extended validation (EV) certificate, then the browser may also show a green address bar.
The internet has spawned new global business opportunities for enterprises conducting online commerce. However, that growth has also attracted fraudsters and cyber criminals who are ready to exploit any opportunity to steal consumer bank account numbers and card details. Any moderately skilled hacker can easily intercept and read the traffic unless the connection between a client (e.g. internet browser) and a web server is encrypted.
A typical installation of SSL certificate involves the following three steps:
To implement SSL/TLS security on your website, you need to get and install a certificate from a trusted CA. A trusted CA will have its root certificates embedded in all major root store programs, meaning the certificate you purchase will be trusted by the internet browsers and mobile devices used by your website visitors.
When SSL certificate is purchased from a web host, its activation is taken care of by the web host. The administrator of the website can also activate the SSL through Web Host Manager (WHM) or cPanel. In the WHM dashboard select the SSL/TLS option and choose “Generate SSL Certificate and Signing Request”. Next, generate your Private Key and fill out the form for Certificate Signing Request (CSR). Ensure that you enter your domain name in the box asking for “Host to make cert for”. You will need to send this CSR to your CA in order to purchase a certificate. See https://support.comodo.com/index.php?/Knowledgebase/List/Index/19/csr-generation/ for help to generate a CSR using various webserver types.
Your website is now capable of HTTPS! You must now configure you website so that visitors who access this site get automatically directed to the “HTTPS” version. Search engine providers like Google are now offering SEO benefits to SSL pages, so the effort to serve all pages on your site over HTTPS is well worth it.
Reference: From Here