Design & Development, Security, Web Hosting

What is an SSL Certificate?

Tweet about this on TwitterShare on FacebookShare on LinkedInEmail this to someone
Love this article? Make sure your friends and coworkers don't miss out!

section header imageAn SSL Certificate can be installed on your site to create an encrypted link to your visitors. This helps keep information from being stolen during transit between the browser and server. In a world with rising cyber crime, you can never be too careful with your online presence.

An SSL certificate also authenticates that your company is associated with your domain, thus giving visitors peace of mind when they land on your site. Visitors will know your site is secured by the lock icon in browser URL field.

It is commonly believed that you only need an SSL certificate if your site handles credit card transactions or sensitive data. However, while this may have once been the standard, it is no longer the case. Some search engines are now actively penalizing sites that do not have an SSL certificate. The penalties can range from bad SEO to a pop-up warning stating that the site is not safe.

How SSL Secures Your Domain

SSL stands for Secure Socket Layers. It is a security technology that encrypts links between servers and clients (like browsers). If SSL is not used, data is sent between the server in vulnerable plain text. This is not secure since people can easily spy on plain text that is in-transit. To protect this information, you need it to be encrypted. The easiest way to encrypt these server-to-client “conversations” is to install an SSL certificate.

All browsers have the capacity to interact with a web server using SSL. However, web servers need SSL certificates in order to use the SSL protocol.

The Encryption Process

When a browser attempts to connect to the server, the browser will ask the server to identify itself. In response, the server will send the browser a copy of its SSL certificate, along with the server’s public key. The browser will then check the information to make sure it is correct. If this info is valid, the browser will respond with an encrypted key that it has created based on the public key it received earlier. The server will decrypt this key using its own private key, then sends a message back to the browser saying it is ready to start an encrypted link. All the information that is then shared between the two will be encrypted based on the key that the browser created from the server’s public key.

Changing HTTP to HTTPS

When you add an SSL certificate to your site, it is necessary to use https instead of the http version of your site. This is because https initiates a secure connection via port 443, while http instead uses the insecure port 80. People often have to set up redirects to your https site from the http one, so that traffic will always use the secure connection. Otherwise, traffic may inadvertently visit the http version of your site, thus loading the site over an unencrypted link.  For more information about changing your site over, see our blog, How to Serve Your Site Over HTTPS, for more information.

How Do I Get an SSL Certificate?

SSL certificates are issued by Certificate Authorities (CA). CAs offer an assortment of certificate types, ranging from basic, single domain certificates to in-depth, multi-domain ones. Some CAs will offer Relying Party Warranties along with their certificates. These warranties may reimburse you for a fixed amount if the SSL certificate malfunctions and allows someone to steal information.

Some CAs even offer free SSL certificates, the most popular example being Let’s Encrypt. While Let’s Encrypt has no Relying Party Warranty and only provides the most basic certificate type, it is completely free. These certificates only last 90 days, opposed to other yearly certificates, but some hosting companies, like pair Networks, have created an automatic process for generating and applying Let’s Encrypt to domains. This streamlines the process and makes it much easier to renew. If your hosting company does not offer automatic generation or installation, check to see if they will allow you to manually install the Let’s Encrypt certificate on your account. While more difficult, this may be an option if you prefer Let’s Encrypt.

SSL Certificates: The Key to the Future

With search engines pushing for SSL certificates to become mandatory for sites, knowing how SSL certificates work and how to get one gives you a jump start on the future. If you don’t want to spend money on your certificate, Let’s Encrypt is a free option. While it doesn’t last as long as yearly certificates and does not come with a Relying Party Warranty, Let’s Encrypt will still secure the link between your site and its visitors. Protecting your information and your customer’s information is important. Make sure its safe with an SSL certificate.

Tweet about this on TwitterShare on FacebookShare on LinkedInEmail this to someone
Love this article? Make sure your friends and coworkers don't miss out!