How Certificates Work On The Web
In order for a web request to establish an encrypted network connection using secure socket layer (SSL) / transport layer security (TLS) protocol, you must use an SSL/TLS certificate. SSL/TLS is a protocol that operates directly on top of the TCP protocol. The reason for this is that higher layers, such as http can be left unchanged whilst still providing a secure connection. If you look underneath the SSL layer, http is identical to https.
Benefits of using certificates
1 — Encryption
Encrypting traffic should not only be used to process sensitive information, such as credit cards or banking details, it should be used everywhere it can. When you enter information on a website, that data will pass through multiple touch points before it reaches its final destination.
If you don’t use SSL/TLS encryption, the data sent from client to server, is sent as plain text, and could be viewed or altered by anyone at any of the touch points before it reaches its destination.
2 — Authentication
An SSL/TLS connection ensures that data is sent to and received from the correct server. This is because the data cannot be intercepted without knowing the key.
It helps to prevent malicious actors from falsely impersonating a site.
3 — Data Integrity
An SSL/TLS connection ensures that there’s no loss or alteration of data during transport by including a message authentication code. This ensures that the data that gets sent is received without any changes or malicious alterations.