SSL Terminology

To understand how SSL works, you must understand the various terms used to describe the parts of the SSL connection. The following is a list of these parts and the role each plays.

• Client. Any FTP program that is able to make an SSL connection.
• Certificate. The file that contains the identification information of the client or server. This file is used during connection negotiations to identify the parties involved. In some cases, the client's certificate must be signed by the server's certificate in order to open an SSL connection. The server stores certificate files in its database, so no physical file exists. The certificate includes the public key.
• Session key. The session key is what both the client and the server use to encrypt data. It is created by the client.
• Public key. The public key belongs to the server, but is used by the client to encrypt a session key. It does not exist as a file, but is a byproduct of the creation of a certificate and a private key. Data encrypted with the public key can be decrypted only by the corresponding private key.
• Private key. The private key is used by the server to decrypt the session key. The server stores private keys in its database, so no physical file exists. Private keys should be guarded like a password and NEVER shared with anyone.

Certificate signing request. A certificate signing request is generated each time a certificate is created. This file is used when you need to sign a certificate. Once the certificate signing request file is signed, a new signed certificate is made, which can replace the unsigned certificate.