The Secure Sockets Layer protects data transferred over http using encryption enabled by a server¡¯s SSL Certificate. An SSL Certificate contains a public key and a private key. A public key is used to encrypt information and a private key is used to decipher it. When a browser points to a secured domain, an SSL handshake authenticates the server and the client and establishes an encryption method and a unique session key. They can begin a secure session that guarantees message privacy and message integrity.

Public Key Infrastructure is the network security architecture of an organization. It includes software, encryption technologies, and services the enable secure transactions on the Internet, intranets, and extranets

When Geotrust issues an SSL Certificate, we act as a Certification Authority (CA). Geotrust digitally signs each certificate we issue. Each browser contains a list of CAs to be trusted. When the SSL handshake occurs, the browser verifies that the server certificate was issued by a trusted CA. If the CA is not trusted, a warning will appear. Geotrust is one of the most trusted CAs on the Internet.

The Geotrust subscriber agreement prohibits customers from using a certificate on more than one physical server or device at a time, unless the customer has purchased the Licensed Certificate Option. When private keys are moved among servers-by disk or by network-accountability and control decrease, and auditing becomes more complex. By sharing certificates on multiple servers, enterprises increase the risk of exposure and complicate tracing access to a private key in the event of a compromise. Geotrust's licensing policy allows licensed certificates to be shared in the following configurations: redundant server backups and SSL accelerators.