Announcements & Articles
Clearing Confusion – TLS & SSL certificates are the same thing.

Clearing Confusion – TLS & SSL certificates are the same thing.

The term SSL certificate has been used for the purposes of marketing since the creation of the digital certificates.  SSL just like TLS are actually protocols that utilize a digital certificates keypair.

TLS & SSL Certificate
“TLS and SSL can both use the same digital certificate”

A digital certificate keypair by itself  is  nothing more than a place holder of 2048 bits or greater and is needed in order to perform encryption and validation. A protocol is the actual function of encryption that initializes that keypair to start encryption, such as the TLS or SSL Protocols. These protocols are set up and chosen on the server side by a server admin. Since TLS  or SSL  are protocol functions on the server and not pertaining to the digital certificate’s keypair it is uncertain why the industry calls Digital Certificates as SSL Certificates because of this principle. All SSL protocols that were all available are now perceived as a vulnerable protocol leaving only TLS until something better eventually comes up.

Because of the SSL marketing gimmick around the industry, and lack of secure SSL protocols there is now a fountain of confusions flying around. Here are some examples:

Since SSL Versions are vulnerable to Poodle attack. Is it possible to consider TLS 1.2 instead of SSL certificate?

“We need to upgrade our SSL certificate to TLS 1.2”

“My certificate states its is a SSL certificate, but I asked for a TLS certificate did I do something wrong?”

A standard digital certificate can use both TLS and SSL because they are both protocols that are configured on the server. There is no such thing as an SSL certificate that will only work for the SSL protocol or a TLS certificate that will only work for the TLS protocol.

Remember, that a digital certificate keypair is essentially just a bit place holder for encryption. All mainstream digital certificates are essentially TLS/SSL  because of the protocols that can use it.

About SSLSupportDesk:

SSLSupportDesk is part of Acmetek who is a trusted advisor of security solutions and services. They provide comprehensive security solutions that include Encryption & Authentication (SSL), Endpoint Protection, Multi-factor Authentication, PKI/Digital Signing Certificates, DDOS, WAF and Malware Removal. If you are looking for security look no further. Acmetek has it all covered!

Contact an SSL Specialist to get a consultation on the Website Security Solutions that can fit your needs.

Become a Partner and create additional revenue stream while the heavy lifting for you.