[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Osaka/Yokohama/Tokushima] Looking for infrastructure/server side engineers!

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Deployed by over 500 companies] AWS construction, operation, maintenance, and monitoring services

[Successor to CentOS] AlmaLinux OS server construction/migration service

[Successor to CentOS] AlmaLinux OS server construction/migration service

[For WordPress only] Cloud server “Web Speed”

[For WordPress only] Cloud server “Web Speed”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Cheap] Website security automatic diagnosis “Quick Scanner”

[Reservation system development] EDISONE customization development service

[Reservation system development] EDISONE customization development service

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Registration of 100 URLs is 0 yen] Website monitoring service “Appmill”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[Compatible with over 200 countries] Global eSIM “Beyond SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[If you are traveling, business trip, or stationed in China] Chinese SIM service “Choco SIM”

[Global exclusive service] Beyond's MSP in North America and China

[Global exclusive service] Beyond's MSP in North America and China

[YouTube] Beyond official channel “Biyomaru Channel”

[YouTube] Beyond official channel “Biyomaru Channel”

Role and mechanism of SSL certificates

My name is Nakagawa from the System Solutions Department.
Recently I've been working a lot on SSL server certificates, so I decided to look into how they work.

What is an SSL server certificate?

First of all, what is an SSL server certificate?
Its main role is
to encrypt communication of personal information and to verify the identity of the business owner or company operating the site SSL (Secure Sockets Layer) is a technology that encrypts information communication between a computer and a server.

you can safely exchange personal information, credit card information, etc.
even when shopping online or using services that require login information It also protects important data from eavesdropping, tampering, and spoofing by third parties.

How to identify sites that have SSL installed

So what kind of sites have certificates installed?
It's easy to understand if you check the URL field.

The browser URL starts with "https" and there is a lock mark in the URL field.

The entire site is encrypted, so information can be exchanged safely.
By clicking this lock mark, you can check the contents and expiration date of the installed certificate.
The display method differs depending on the browser.

The browser URL starts with "https", but there is no lock mark in the browser URL

Either the certificate itself is not installed, or the certificate is installed but
the communication within the site is divided into encrypted and non-encrypted ones.

The browser URL starts with "https" and there is a red icon in the URL field.

This means that the certificate is not installed or the certificate has expired.

Certificate issuance and installation flow

So how can you use the certificate?
To use it, you need to
apply to the certificate authority that issues the certificate Although there are differences depending on the certificate authority and type of certificate, the basic issuing procedure is as follows.

  1. Apply to certification authority
  2. Examination at certification authority
  3. Certificate issuance/delivery
  4. Install on server

The more reliable a product is, the more time-consuming and labor-intensive approval review is required.

Confirmation of existence

The reason why a certification authority examination is necessary to issue a certificate
is to investigate whether there is a business owner or company operating the site.

All sites are basically open to the outside world, so to speak, and the source code is open to the public, so
it is not impossible to create a fake site that imitates the real site.

Therefore, in order to confirm the legitimacy of the site, the following examination is necessary.
If the following examination is OK, a certificate will be issued for the domain you applied for.

  • Is the domain you applied for owned by the applicant?
  • Whether the applicant is an existing business owner or company

If a certificate is issued, it means that the domain is operated by a reliable administrator.
However, the examination conducted here is only to confirm whether the business owner/company actually exists.
Whether or not you can trust the business owner/company that operates the site is another matter.

What did you think?
We introduced the behind-the-scenes aspects of how you can safely exchange personal information on the sites you use casually.

Thank you for reading this far!

If you found this article helpful , please give it a like!
0
Loading...
0 votes, average: 0.00 / 10
1,022
X facebook Hatena Bookmark pocket
[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

[2025.6.30 Amazon Linux 2 support ended] Amazon Linux server migration solution

The person who wrote this article

About the author

Sakina Nakagawa

I joined the company in 2016 as a new graduate. Lately, I've been having fun learning the basics of servers.