Your browser does this by figuring out whether the website's certificate file has been issued by a "Certificate Authority" (CA). CAs generally charge money to give website owners this file. Your browser trusts over 50 Certificate Authorities to create and vouch for certificates, ranging from Verisign to GoDaddy to various governments — and the many hundreds of intermediary CAs to whom those 50+ have delegated trust. As you might guess, this is a very flawed system, but it's the system that we have right now.
The SSL 3.0 protocol is almost 20 years old, so whilst
the vast majority of browsers support it, it is an insecure and outdated. Over
the coming months Google, Microsoft and Firefox have all announced that they
will remove support for it from their browsers, so there’s no time like the
present to have SHA-2 SSL certificates explained. Many
browsers will retry failed connections with older protocol versions, including
This leaves your website susceptible to hacking because a targeted attack on your website can cause connection failures, which in turn can trigger the use of SSL 3.0.This vulnerability means that hackers and malicious third parties can intercept the plaintext contents of secure connections on your website.
Security experts around the world have repeatedly warned that SSL Certificates using SHA-1 technology run serious the risk of being hacked and having their user’s data compromised. To ensure your website is secure and adhering to industry best practices we recommend turning off SSL 3.0 and upgrading to SHA-2 SSL ASAP!