An encrypted connection between a web server
and a web browser is made possible by the use of SSL, which stands for Secure
Sockets Layer protocol. Today, 25 years after it’s invention, SSL as a term is
still used, but usually to describe a completely different acronym - TLS
(Transport Layer Security), which has been adopted as a standard after the
breach of original SSL protocols.
In this article we will be speaking mainly about Transport Layer Security or on how to easy obtain SSL certificates using the TLS protocols through Mars engine, ensuring one of the basic GDPR compliance requirements as encryption in transit for your apps.
SSL certificate protects data by guaranteeing
that any information moved between users and websites, or between two systems,
cannot be read by other parties without significant resources involved for data
In order to prevent hackers from reading data in transit, it employs encryption techniques to jumble the data as it is transmitted across the network connection. This data contains potentially sensitive information such as names, addresses, credit card numbers, and other financial details, as well as other personal information and is most commonly shown online as HTTPS.
When a website is protected by an SSL certificate, the abbreviation HTTPS (HyperText Transfer Protocol Secure) appears in the URL. Without an SSL certificate, only the letters HTTP – without S indicating a Secure connection – will be displayed. In addition, most browsers will also show a padlock icon in the URL address box. This conveys trust and reassurance to individuals who visit the website or app, because user has access to SSL certificate's details, by clicking on the padlock symbol located within the browser bar to see:
SSL certificates are can be either free or available
for purchase straight from a Certificate Authority (CA), depending on level of
encryption you need and purpose of your project.
Mars engine provides every project with free Let’s encrypt SSL certificate, issued Let’s encrypt Certificate Authority, issued for more than 260 Million websites and apps worldwide. Mars engine streamlines issuance process for you, where we provide Certification Authority with the user data and connected domain.
Since we are registered with Let’s encrypt CA as a provider, process of issuing SSL certificate for your project takes seconds and is fully automated for our users.
If you, however, want to implement already purchased SSL certificate, you can also do it, by using the MARS Engine SSL wizard to import your existing certificate and simply directing your domain to your Mars engine project in the same way as you are directing your domain for any website.
We strongly advise on obtaining SSL certificates early on in development to ensure data security in transit, but also to easy comply with GDPR rules about data transit security, regarding personal data.
If you want to learn more on how to comply with GDPR and similar law during application development, please visit our article about GDPR compliance for applications.