Online security is essential to creating a safe environment online — and it’s foremost in the minds of your users.
WHAT ARE SSL CERTIFICATES?
SSL (Secure Sockets Layer) Certificates, sometimes called digital certificates, are used to establish a secure encrypted connection between a browser (user’s computer) and a server (website).
For your users, an SSL certificate establishes a secure connection between their web browser and your site server. This protects important information like passwords by adding a layer of encryption when the data is sent. Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key.
An SSL certificate contains the following information:
- The certificate holder’s name
- The certificate’s serial number and expiration date
- A copy of the certificate holder’s public key
- The digital signature of the certificate-issuing authority
Once a certificate is successfully installed, the application protocol (also known as HTTP) will change to HTTPs, where the ‘S’ stands for ‘secure’. Depending on the type of certificate you purchase and what browser you are surfing the internet on, a browser will show a padlock or green bar in the browser when you visit a website that has an SSL Certificate installed.
TYPES OF SSL CERTIFICATES
There are many different types of SSL certificates based on the number of domain names or subdomains owned:
- Single SSL Certificate secures one fully-qualified domain name or subdomain name.
- UCC/SAN SSL certificate protects multiple websites.
- Wildcard SSL certificate secures your website and all subdomains. For example, a wildcard certificate for ‘*.domain.com’ could also be used to secure ‘calendar.domain.com’, ‘events.domain.com,’ etc.
and the level of validation needed:
- Domain Validation – this level is the least expensive, and covers basic encryption and verification of the ownership of the domain name registration.
- Organization Validation – in addition to basic encryption and verification of ownership of the domain name registration, certain details of the owner (e.g., name and address) are authenticated.
- Extended Validation (EV) – this provides the highest degree of security because of the thorough examination that is conducted before this certificate is issued (and as strictly specified in guidelines set by the SSL certification industry’s governing consortium). In addition to ownership of the domain name registration and entity authentication, the legal, physical and operational existence of the entity is verified.
SSL CERTIFICATE PROVIDERS
All SSL certificates must be purchased from a trusted Certificate Authority. Common CAs include Comodo, Thawte, Symantec, GlobalSign, as well as domain hosting sites like GoDaddy.com, Register.com, and NetworkSolutions.com.
- Comodo.com – https://ssl.comodo.com/comodossl.php
- Thawte – https://www.thawte.com/ssl/
- Symantec – https://www.symantec.com/ssl-certificates/#
- GlobalSign – https://www.globalsign.com/en/ssl/
- GoDaddy.com – https://www.godaddy.com/web-security/ssl-certificate
- Register.com – https://www.register.com/product/security-sslcertificates.rcmx
- NetworkSolutions.com – https://www.networksolutions.com/SSL-certificates/index.jsp
PLEASE NOTE: SSL certificates have an expiration date, which means you’ll have to renew it to keep your website secured (usually this is every year).