An encrypted connection between a web server
and a web browser is made possible by the use of SSL, which stands for Secure
Sockets Layer protocol. Today, 25 years after it’s invention, SSL as a term is
still used, but usually to describe a completely different acronym - TLS
(Transport Layer Security), which has been adopted as a standard after the
breach of original SSL protocols.
In this article we will be speaking mainly
about Transport Layer Security or on how to easy obtain SSL certificates using
the TLS protocols through Mars engine, ensuring one of the basic GDPR
compliance requirements as encryption in transit for your apps.
SSL certificate protects data by guaranteeing
that any information moved between users and websites, or between two systems,
cannot be read by other parties without significant resources involved for data
decryption.
In order to prevent hackers from reading data
in transit, it employs encryption techniques to jumble the data as it is
transmitted across the network connection. This data contains potentially
sensitive information such as names, addresses, credit card numbers, and other
financial details, as well as other personal information and is most commonly
shown online as HTTPS.
When a website is protected by an SSL
certificate, the abbreviation HTTPS (HyperText Transfer Protocol Secure)
appears in the URL. Without an SSL certificate, only the letters HTTP – without
S indicating a Secure connection – will be displayed. In addition, most
browsers will also show a padlock icon in the URL address box. This conveys
trust and reassurance to individuals who visit the website or app, because user
has access to SSL certificate's details, by clicking on the padlock symbol
located within the browser bar to see:
SSL certificates are can be either free or available
for purchase straight from a Certificate Authority (CA), depending on level of
encryption you need and purpose of your project.
Mars engine provides every project with free
Let’s encrypt SSL certificate, issued Let’s encrypt Certificate Authority,
issued for more than 260 Million websites and apps worldwide. Mars engine
streamlines issuance process for you, where we provide Certification Authority
with the user data and connected domain.
Since we are registered with Let’s encrypt CA
as a provider, process of issuing SSL certificate for your project takes
seconds and is fully automated for our users.
If you, however, want to implement already
purchased SSL certificate, you can also do it, by using the MARS Engine SSL
wizard to import your existing certificate and simply directing your domain to
your Mars engine project in the same way as you are directing your domain for
any website.
We strongly advise on obtaining SSL
certificates early on in development to ensure data security in transit, but
also to easy comply with GDPR rules about data transit security, regarding
personal data.
If you want to learn more on how to comply with
GDPR and similar law during application development, please visit our article
about GDPR compliance for applications.
