What is SSL?
- by Susith Nonis
- in SSL
What are SSL Certificates and Why do they Matter?
In this article, we’re going to explain what is an SSL Certificate and why you must have one installed on your website.
You may have heard the term SSL certificate thrown around a lot in the web development field of interests. If you’re looking into setting up a website, or have already made a website and don’t yet know properly what an SSL certificate is, you should definitely learn. That’s why we’re here anyway.
SSL certificates are extremely important for keeping your website safe, protecting your content, and reassuring customers that they’ll be safe on your website. This is especially important if you’re running a business website or an e-commerce platform where you’ll be taking payments.
No customer will feel safe putting in their private information and payment details when they visit your site and see that it doesn’t have the ever so important “lock” symbol on their browser that confirms that the site has a valid SSL certificate.
Well, in this article, we’ll examine exactly what is an SSL certificate, what it does, and why it’s extremely important that you ensure your site has one - before your customers start turning away and going to your competitors!
What is an SSL Certificate?
So, what exactly do web developers mean by SSL certificates and what do they do for your website? Well, first things first. SSL stands for Secure Sockets Layer. In the simplest possible term, an SSL certificate is a kind of reassurance that your site is secure and encrypted.
Back in the old days of the internet, most sites did not have SSL certificates. They used http:// domains and that was the norm for pretty much all sites, including websites for businesses and e-commerce platforms.
However, http:// domains are not safe and they do not encrypt your data properly to keep it safe from hackers and thieves. It is dangerous for you to use a site without this important layer of SSL security. Nowadays, SSL is the norm instead, and not having a valid certificate at any given point is very bad news for your website.
Verifies a Website’s Legitimacy
An SSL certificate is what a website will send to the client - essentially your computer - when you try to access a page. It basically verifies that the site is legitimate and is what it says it is, meaning your details will be safe with it. It tells your computer that the website has received a valid certificate from a qualified website host. This will give you a https:// prefix before your domain name, telling your clients that your website is safe and secure!
SSL allows the client and server to establish a safe and secure connection with encrypted transmissions. An unsafe site will usually not do this. But when your computer accesses a page with a good SSL certificate, the server will check the small text file to confirm that your computer is legitimate and your computer can check that the website is legitimate. The client and server are then bound in a secure communication and away from prying eyes!
The certificate validated that the server is a trusted host and the website is run by an established organization. In the early days of the internet, bogus and scam sites were everywhere, and there was virtually no way to stop innocent people stumbling upon them and being fooled into thinking they were legitimate.
Nowadays, SSL certificates can validate that the server is legitimate, the business is legitimate and the domain is only transferring encrypted information, and only between you and itself.
Why do you need an SSL certificate?
SSL certificates ensure that the client and server can have encrypted and secure communications. This is especially important when any kind of sensitive data is being passed between your computer and the website’s host server. It prevents most hackers, thieves and spies from accessing the data that is being transferred between you and the website, and stops them reading any of your personal or bank details!
When your website has an SSL certificate, your visitors and customers can know that the website is who it says it is, and they’ll feel safe when their data is encrypted and secure. An SSL certificate also confirms that the website is legitimate and has been approved by a proper authority. It means there’s virtually no chance your customer will have any tricks pulled against them.
Customers will also look at the prefix before your name when viewing your site. If your website doesn’t have the https:// prefix and is instead using http:// then Google or whatever search engine your customers are using will usually show a warning or not show the important “lock” symbol which tells site visitors that they are safe.
A valid and up to date SSL certificate also tells customers that you take your website seriously and it has been developed recently! Typically when a website runs on an http:// domain, that is an indication that either it is quite old, it is not secure or safe, or that the owners haven’t bothered to get it up to modern standards. If your customers see the http:// prefix on your website and have any of these thoughts about your business, that is bad news. So, get an SSL certificate so your customers can respect and trust you.
If you’re taking any details about your website visitors or customers at all, you most certainly do need an SSL certificate. It reassures your customers that their private data or payment information cannot be snooped on.
When you get hosting services from Monovm we provide a free SSL certificate. If your a beginner when it comes to setting up SSLs: not to worry. Heres a guide on installing the free SSL on shared hosting servers.
Search Engine Optimization
Furthermore, if you’re using digital marketing or social media marketing to drive traffic to your site, you will have a much increased chance of retaining visitors and increasing page views by having an SSL certificate. It will stop your potential customers from clicking off the page or being shown any kind of warning. In fact, some ad providers require that your link heads to an https:// domain or they will not allow you to run any ads.
Having an SSL certificate is absolutely crucial for building trust with your customers and keeping people on your site. It almost doesn’t matter what website you are hosting on the internet; it is an absolute necessity that you get a valid SSL certificate that is up to date and compatible for your website.
How you can do this depends very much on the website builder or panel you are using. SSL certificates do not cost much and with most hosting plans they are free with one hundred percent free renewal. So, if you get any emails claiming that you need to pay a large amount of money to get a valid SSL certificate, delete them immediately. It’s a common scam going around that demands you pay for an SSL certificate that you don’t need. Ignore the email.
cPanel offers its own SSL section where you can view your current active SSL certificates and their details, and see when they need replacing. Depending on the hosting provider you picked when setting up your website, this may have already been taken care of for you and you won’t need to bother yourself with updating your certificate.
Usually it takes about twenty four to forty eight hours after registering a domain and hooking it up to your hosting provider’s nameservers for the SSL certificate to become active so you can get that https:// prefix.
With most website builders like Wix or WordPress’ own hosting, you won’t need to care about SSL at all because it’s all been done for you.
For the next part of the arrticle, we would like to show you how Google Chrome displays websites without any SSL certification.
Visual proof of an SSL certificate
One of the best ways to check the websites authenticity depends on the visual cues of the SSL certification on a website. What are those visual cues and where to find them? As it is the most accepted standards of security, it will be displayed where everyone can see them and maybe even you encountered them without knowing it.
The first cue is on the address bar. The websites prefix will be https:// while without an SSL certification it will look like http://.
In the address bar you will see a big indication of safety, the presence of a padlock before the web address. This assures that the connection is encrypted and secure from both sides which eases the mind of users when making payments.
The Extended Validation SSL Certification (we will talk more about it below) when used on a website will display the company name in the address bar. This is the most secure form of certification proving to customers that it’s 100% legitimate.
For the final visual cue of SSL certification is a seal image which can be used on a site to display the brand of the SSL. This lets customers know the information is secure and protected which will lead to higher chances of transactions to take place.
After getting acquainted with the visual cues, let’s move onto the levels of SSL certification.
Different types of SSL Certificates
- Domain validation SSL Certification
- These type of certifications needs proof of control over just the domain name. They do not check the identity of the organization as the certificate contains only the domain name supplied to the issuing authority. These SSLs are the most basic level of SSL and appropriate for test servers and internal links.
- Organization validation SSL Certification
- These type of certifications cannot be obtained by individuals but only businesses and organizations have the possibility. The reason is that it’s required to prove that the company is registered and legally accountable as a business while proving that they own the domain name. The certificate issued is the proof of domain and company name.
- Extended validation SSL Certification
- EV SSL requires both the validations for domain and company as well as many additional authentication steps which certifies that it is a registered company. The company information are then integrated into the certificate which users can access from the access bar. Using a EV SSL will display the company name in green on the address bar and this is a high visual sign of trust on the website when handling personal information.
We hope this article about SSL certificates has helped you to understand what an SSL certificate is, what it does and why it is so incredibly important to have one for your site - both to keep your customers safe and to help you increase and retain traffic, and increase your sales! If you want to know an in depth guide on hoe SSL work, you can check out our article which explains how SSL and TLS work.