What is an SSL Certificate?
At one point or another, you’ve probably heard the term SSL Certificate and may have a vague understanding that your site needs one, but you aren’t sure why. Today we are going to get into the nitty-gritty of what an SSL Certificate is, who should have them, and why they are important.
SSL stands for Secure Sockets Layer which is a global standard security technology that enables encrypted communication between a web browser and a web server, or a web server and a web server. This means your information is safely transmitted between your web browser and a websites’ server.
SSL Certificates make sure that any data transferred between users and sites, or between two systems remain impossible to read. Encryption algorithms are used to scramble data in transit, preventing hackers from reading it as it is sent over the connection. SSL/TLS works by binding the identities of entities such as websites and companies to cryptographic key pairs via digital documents known as X.509 certificates. Each key pair consists of a private key and a public key. The private key is kept secure, and the public key can be widely distributed via a certificate. Think of it as a secret handshake!
Who needs an ssl certificate?
In our opinion, everyone should have an SSL certificate! However, any individual or organization that uses their website to require, receive, process, collect, store, or display confidential or sensitive information should have an active SSL certificate. We should all do our due diligence in protecting our online visitors. Confidential or sensitive information can include personal data such as name, email address, home address, credit card information, logins and passwords, and more.
Search engines, such as Google, are now penalizing websites that do not use SSL Certificates by deeming the site unsafe and placing a warning splash page.
Types of SSL Certificates
The different types of SSL certificates are based on the number of domains and/or subdomains, and the level of validation necessary. A single SSL certificate secures one domain or subdomain while a wildcard SSL certificate covers one domain and an unlimited number of subdomains. A multi-domain SSL secures multiple domain names.
There are multiple levels of validation you can choose from, each with their own pros and cons. Domain Validation is the least expensive option and covers basic encryption and verification of the ownership of the domain registration. Organization Validation adds an extra step to Domain Validation, where it validates the details of the domain owner such as name and address. Extended Validation provides the highest degree of security due to the thorough examination that is conducted before the certificate is issued. There are strictly specified guidelines set by the SSL certification industry’s governing consortium that must be met. In addition to the ownership of the domain name registration and entity authentication, the legal, physical, and operational existence of the entity are verified.
How to tell if your website is secure
The best way to see whether your site or any site you visit is secure, is to look in the URL. There should be a small lock right before the URL of the website. If the lock symbol is missing or shows as unlocked, the site is not secure. If you are using Google Chrome as your browser there will be a small circle with an i in the middle, like so:. Your URL may use language such as “site insecure” or “not secure” to alert the user.
How to get an SSL
There are multiple ways to obtain an SSL certificate, both paid for and free. Websites such as sslforfree.com are a fantastic way to obtain high quality, free SSL certificates. The only downside with this route is the SSL certificate is valid for 90 days, meaning every 3 months you will need to go through the same process again. Letsencrypt.org is another great site for free 90 day certificates. Before going through this process, however, we recommend checking in with your website hosting service. Many hosting services offer free, and paid for, auto-renewing SSL certificates options. We at Pod Creative offer SSL certification for all our clients through our dedicated managed hosting. Before paying for an SSL certificate do some research, there are many options available.
SSL certificates are a vital piece of security for your website, especially if you are collecting personal information from visitors such as email addresses, names, and credit card information. A valid SSL certificate gives visitors a sense of security and trust when accessing your site. Unless you need a high-security SSL certificate, obtaining an SSL certificate for your site is straightforward and free! Before paying for an SSL certificate check with your web hosting provider to see their options, as most reputable hosting companies offer this service to their clients free of charge.