Have you ever noticed some of the websites start with HTTP and some start with HTTPS?
What does the extra “S” stand for?
To put it simple, the extra “S” shows that the connection between you and the web server is secured. Hence, important and sensitive data such as name, password, email address, etc is encrypted while transmitting.
The technology used to put the extra “S” is called SSL – Secure Socket Layer.
What is SSL and how does it work?
SSL (Secure Socket Layer) is a protocol that provides a secure channel between 2 machines.
SSL is important to ensure that your data is encrypted during transmission and is secured from possible hackers.
An SSL certificate is a digital certificate that authenticates the identity of a website. It’s installed in a web server to act as a protection to visitors’ data. It also contains the information or a website such as domain name, company name, and location with a unique cryptographic key.
Having an SSL is a way of telling your users that the connection between their browser and the web server is safe.
Why is SSL certificates important to your business?
There are plenty of reasons why your website should have one. But, the most important one is that by having an SSL, your visitors know that the website is a legit entity and their information is kept safe.
Also, if you are not aware, Google is giving preference to websites that are secured with SSL. Google will rank a website with an SSL certificate higher on their search engine.
If you are running a website, implementing SSL will give your website an advantage to those without.
The benefits of SSL are beyond making Google happy.
Implementing SSL on your website is a sign of trust to customers. When people trust you, there’s a high chance they will subscribe to your newsletter, share your content, buy from you or do business with you.
Implementing SSL certificate on a website
How to determine if the website is equipped with SSL?
You will notice there are HTTPS and a padlock in front of the URL.
This shows that the website is protected. You can click on the padlock to find out more information about the SSL certificate.
To install an SSL certificate is not a difficult task. If your website doesn’t involve any financial transaction, you can always for a FREE SSL certificate – Let’s Encrypt.
If you plan to use Let’s Encrypt SSL, you can host or move your website to one of these web hosts.
Alternatively, you can use the service provided by SSL For Free. SSL For Free let you install Let’s Encrypt SSL certificate on your website. And, it’s suitable for a website hosted on shared hosting plans since it doesn’t require having the root access.
You just need to verify the ownership of the domain by uploading the files generated to your website.
Here’s the step-by-step guide to follow if you wish to find out more.
And the end of the process, you can update your email address to their system. They will send you a renewal email notification before your certificate expire.
Types of SSL certificate
As mentioned earlier, Let’s Encrypt SSL certificate only validate the ownership of the domain (DV). This type of certificate is a drawback for websites dealing with financial transactions.
Here are 3 major types of certificate validation when it comes to SSL certificates.
Domain Validated (DV)
It only verifies the ownership of the domain like how Let’s Encrypt did. DV certificate type is suitable for small and personal websites.
Organizational Validated (OV)
This also verifies the ownership of the domain but with a tighter process. You need to provide the authorities with your full company details such as address, name, contact, etc. OV certificate is suitable for medium-sized businesses.
Extended Validated (EV)
The validation process is much more extensive. It involves manual process such as phone call verification, the applicant’s legal status verification, physical existence, etc. EV certificate type is suitable for website conducting financial transactions
Where to purchase an SSL for your website?
Besides Let’s Encrypt, there are others SSL certificate providers in the market.
All offer different validation types, pricing, and features for their certificates. You can visit their official site to find out more.
You might be thinking, “Why do I need to purchase a paid SSL since I can get one for free?”
Choosing the lowest bidder or a free SSL might save you cost but you might lose out on certain things. Let’s look beyond the price tag.
There are a few reasons to choose a paid SSL compared to a free SSL:
- A free SSL only validate the identity of the website owner and nothing else. For paid SSL, the certificate provider takes a step further to do the in-depth verification before issuing.
- Under normal circumstances, a Free SSL only lasts for a short period of time. This means you have to renew your certificate frequently. While paid certificates can last for a longer period.
- If you are having a problem with your paid SSL certificate, you know there are people to help you. Otherwise, you have to solve the problem by yourself.
- A paid SSL certificate comes with a warranty between $10,000 to over $1 million. You’re out of luck if you choose a free SSL certificate. You have to bear the responsibility even if the fault lies on the provider’s end.
You might have the feeling that you are forced to implement SSL on your website. But, at the end of the day, an SSL certificate is the trust between you – the website owner and your visitors. It’s also an important security feature to protect your visitors’ information. It’s worth the little investment after all.