SSL (Secure Sockets Layer) 은 무엇인가?
- SSL 인증서는 클라이언트와 서버간의 통신을 제3자가 보증해주는 전자화된 문서
- 클라이언트가 서버에 접속한 직후에 서버는 클라이언트에게 이 인증서 정보를 전달함. 클라이언트는 이 인증서 정보가 신뢰할 수 있는 것인지를 검증 한 후에 다음 절차를 수행함
SSL 디지털 인증서를 이용했을 때의 이점
- 통신 내용이 공격자에게 노출되는 것을 막음
- 클라이언트가 접속하려는 서버가 신뢰 할 수 있는 서버인지를 판단할 수 있음
- 통신 내용의 악의적인 변경을 방지함
SSL을 통해 http 프로토콜 에서 https(보안이 강화된 http) 적용이 가능하도록 해줄 것, 그리고 개인정보가 포함되거나 보안에 민감한 서버라면 반드시 https 설정이 필요!
출처:
https://blog.naver.com/semtul79/222809095489
https://velog.io/@jummi10/keytool%EB%A1%9C-local%EC%97%90%EC%84%9C-SSL-%EC%9D%B8%EC%A6%9D%EC%84%9C-%EC%83%9D%EC%84%B1-%EB%B0%8F-%EC%A0%81%EC%9A%A9
https://velog.io/@twkim8548/Nginx%EC%97%90%EC%84%9C-SSL-%EC%A0%81%EC%9A%A9%ED%95%B4%EC%84%9C-Https-%EB%A1%9C-%EC%A0%91%EC%86%8D-%EB%90%98%EA%B2%8C-%ED%95%B4%EB%B3%BC%EA%B9%8C
(영문 해석)
What is SSL?
SSL is an acronym for Secure Sockets Layer. A type of digital security that allows encrypted communication between a website and a web browser. The technology is currently deprecated and has been replaced entirely by TLS.
What is TLS?
TLS stands for Transport Layer Security and it ensures data privacy the same way that SSL does. Since SSL is actually no longer used, this is the correct term that people should start using.
What is HTTPS?
HTTPS is a secure extension of HTTP. Websites that install and configure an SSL/TLS certificate can use the HTTPS protocol to establish a secure connection with the server.
- The goal of SSL/TLS is to make it safe and secure to transmit sensitive information including personal data, payment or login information.
- It’s an alternative to plain text data transfer in which your connection to a server is unencrypted, and it makes it harder for crooks and hackers to snoop on the connection and steal your data.
- Most people are familiar with SSL/TLS certificates, which are used by webmasters to secure their websites and to provide a secure way for people to carry out transactions.
- You can tell when a website is using one because you’ll see a little padlock icon next to the URL in the address bar.
Source:
https://www.websecurity.digicert.com/security-topics/what-is-ssl-tls-https
https://www.hostinger.com/tutorials/what-is-ssl-tls-https
