An SSL Certificate will allow you to secure your site with https. Common questions surrounding this topic are “how to get https”, “how to secure my site with https”, “what is an SSL Certificate”, “how to get an SSL Certificate”, and “how to enable the green address bar for my domain”. We’ll do our best to address these questions below and leave you with a clear understanding of why you should secure (https) your website.
- Why should I secure my website?
- What is an SSL Certificate?
- What is a Certificate Authority (CA)?
- How does an SSL work?
- Will I see any benefits after securing my site?
- Different types of SSL Certificates
- Levels of SSL Certificate validation
- Do you install third-party SSL Certificates?
If you’re looking to secure your site you’re in the right place. Before moving on, let’s clarify a few things first. When you have an SSL Certificate set up and installed for your domain that will allow you to access (and direct visitors to) your site via the https URL – https://yourdomain.com vs. http://yourdomain.com.
Why should I secure my website?
This is a valid question that many customers ask and there are many great benefits to securing your site. In the past, SSL Certificates were mainly used on eCommerce sites. Why? To encrypt sensitive customer information or data. Simply put, to protect customers and make sure their data is transmitted securely over the web.
Adding an SSL Certificate will also add a green address bar to your domain. This can easily be seen in the address bar of your browser and will show visitors that your site is secure gaining their trust.
When you load a website over HTTP, someone else on the network can look at or modify the site before it gets to you.
Back on September 8, 2016 Google also made an announcement surrounding the topic for a more secure web. Beginning in January 2017 Google’s browser Chrome began marking domains in the address bar as Not secure. Eventually, you will see a red Not secure label (this is already being implemented) next to the domain in the browser’s address bar.
With more and more of the web transitioning to HTTPS protocol it will make it more difficult for ISPs, Governments, and others to watch what your activities are online.
What is an SSL Certificate?
SSL stands for Secure Sockets Layer. An SSL Certificate’s main function is to authenticate the identity of a website and to encrypt the data and information that’s being transmitted.
What is a Certificate Authority (CA)?
Taken directly from Wikipedia:
In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates.
A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. In this model of trust relationships, a CA is a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The most commonly encountered public-key infrastructure (PKI) schemes are those used to implement https on the world-wide web.
How does an SSL work?
Think of an SSL as a piece of technology that creates a private (secure) conversation between you and a website’s server.
After there is a secure connection made between you and the server, a session key is used to encrypt all transmitted data. Your browser connects to a web server (website) secured with SSL (https). When the browser connects to the web server it requests that the web server identifies itself. The server then sends a copy of its SSL Certificate, including the server’s public key to identify itself to the browser. This ensures that you, the visitor of the website, are not visiting a fake or bogus website.
Will I see any benefits after securing my site?
Search Engine algorithms are now placing a heavier emphasis to favor secure HTTPS websites when determining their ranking factors. What does this mean? It means potentially higher organic rankings for your website. This does not guarantee higher organic rankings. As time progresses and more websites transition to HTTPS, including your competitors, you don’t want to be positioned behind curve without an SSL Certificate securing your website.
In short, you may rank better in the Search Engine’s organic search results, but protecting your own information as well as your customer’s information should be your first and highest priority. Securing your website will ensure sensitive information is not intercepted by hackers or identity thieves; bodies the information wasn’t intended for. If you’re an online businesses selling products or services, you are required, by the Payment Card Industry (PCI) compliance, to have an SSL Certificate.
What are the different types of SSL Certificates?
There are many different types of SSL Certificates. You’ll want to make sure to get the right SSL Certificate for your particular needs. The type of SSL Certificate you will need will change based on the domains or subdomains you want to secure.
Types of SSL Certificates
It’s very easy to get confused with the different types of SSL Certificates. Here are the three types of SSL Certificates you’ll want to consider for your website:
- Single SSL Certificate
- Wildcard SSL Certificate
- Multi-Domain SSL Certificate
Single SSL Certificate is used to secure a single domain or single subdomain (either or, not both).
Wildcard SSL Certificate is used to secure a single domain and any subdomains (e.g., domain.com and dev.domain.com).
Multi-Domain SSL Certificate is used to secure multiple domains. (e.g., domain1.com, domain2.com, and domain3.com).
Levels of SSL Certificate Validation
On top of paying attention to the type of SSL Certificate your site will require, you’ll also need to know what level of validation. Most of you reading this blog post will fall into the category for a Single Domain Validated (DV) SSL Certificate.
- Domain Validation (DV)
- Organization Validation (OV)
- Extended Validation (EV)
Domain Validation (DV) is typically the least expensive SSL option–the one most of you reading this will fall into. A Domain Validated SSL Certificate will cover basic encryption and verify the ownership of the domain name registration.
Organization Validation (OV) covers basic encryption and verifies the ownership of the domain name. However, additional verification is needed such as the name, address, and telephone to be issued this type of certificate.
Extended Validation (EV) is the highest level of validation. In addition to verifying ownership of a domain name’s registration details, entity authentication is also required; the legal, physical and operational existence of the entity.
Do you install third-party SSL Certificates?
Yes, we install third-party SSL Certificates at no additional cost. If you are migrating from a Linux web hosting provider you’ll need to request that they provide the CER (actual certificate) and RSA Key (private key). If you are migrating from a Windows web hosting provider you’ll need to request that your hosting provider export the SSL Certificate as a PFX (with password).
Now that you’ve learned about SSL Certificates it’s time to secure your site. Check out our SSL Certificates page! If you have any questions on how to secure your site please contact support!