I've seen many places refer to "256 bits certificates" in SSL encryption. Assuming they are talking about the key size, when I look at these certificates in browser I see 256 bytes instead. I know 1 bytes = 8 bits, so am I reading this wrong or should it instead be "256-bytes certificates"?
I've seen many places refer to "256 bits certificates" in SSL encryption.
You are most likely thinking about 256-bit symmetric cipher key sizes. The only 256-bit certificates are ECDSA, and the image you show has an RSA certificate. There are no 256-bit RSA certificates, but there are plenty of 256-bit symmetric keys (e.g. keys for AES, a common cipher in TLS).
when I look at these certificates in browser I see 256 bytes instead.
With the eight bit byte, 256 bytes is equal to 2048 bits, which is a common RSA modulus size, and thus a common RSA key and signature size. Public key cryptosystems like RSA require a larger key because they are attacked not using brute force (in which case 256 bits is more than secure enough), but through various other mathematical methods. In the case of RSA, the best known method to break it is integer factorization. Securing against factorization requires a modulus size of at least 2048 bits, or 256 bytes.
am I reading this wrong or should it instead be "256-bytes certificates"?
What you are looking at is the RSA public key, not the certificate.
For more detailed information, see How does SSL/TLS work?.
