Many of you may have noticed that some website URLs begin with https prefix, display a padlock to the left of the URL, have a trust seal and sometimes show a green address bar. These are all visual signs of the trusted SSL certificate. SSL is short for Secure Sockets Layer, which is a global standard security technology for encrypting communications between a website and the visitor’s browser. A Digital Certificate, also called an SSL certificate, is installed on the web server to create a secure connection which ensures that all data passed between the two intended parties remain private and secure. In essence, SSL encryption serves a dual purpose:
- It authenticates the identity of the website as trustworthy, which assures visitors that they’re on a legitimate site that has not been tampered with by hackers or identity thieves.
- It encrypts the data that is being transmitted, to prevent hackers from stealing or tampering with private information such as credit card numbers, passwords, names, addresses and emails.
Do I Need an SSL Certificate?
An individual or business will need an SSL certificate, if they use a website to:
- Sell products or services,
- Accept credit card payments online through a merchant account, or
- Collect confidential information such as logins and passwords, personal data (e.g., name, address, social security number, birth dates), medical records & proprietary information, etc.
Credit card companies such as Visa, MasterCard, Discover Network, American Express, and Diners Club International made it mandatory for a website to be payment card industry (PCI) compliant in order to accept credit card payments. It is therefore essential to have an SSL certificate if you receive, transmit and process credit card information.
Customers are becoming much savvier and prefer not to conduct business online or give away their credit card information unless they are assured of the legitimacy of a business. Visitors look for the reliable symbol of an SSL Certificate to see if it is safe to complete secure transactions on the website.
Types of SSL Certificates
There are different levels of SSL certificates. SSL certificates can be issued based on:
- The number of domain names or subdomains owned, including:
- Single – The certificate enables SSL encryption on one fully-qualified domain name or subdomain name
- Wildcard – A Wildcard SSL certificate secures one domain name and unlimited subdomains (subdomains should have the exact same second level domain name) using a single certificate.
- Multi-Domain –One multi domain certificate can secure up to 210 domains, with a mix of different second level domains like domain.com, www.domain.com, domain.net etc.
- The level of validation needed:
- Domain Validation – provides private SSL certificates with basic encryption and verification of the ownership of the domain name registration. A domain validation certificate ties in with your unique domain name and it helps customers feel comfortable transacting with you online.
- Organization Validation – certifies your company’s identity in addition to basic encryption and verification of ownership of the domain name registration. This requires documentation and details of the owner (e.g., name and address) for authentication. This SSL validation certificate displays your site in a browser differently to show your business legitimacy.
- Extended Validation (EV) – EV certificates provide the highest degree of secure connections because the certificate is issued after checks and verification of ownership of the domain name registration, business authentication, and also the physical and operational existence of the business. This type of certificate is the highest standard of assurance for visitors to prevent fraud and the green HTTPS address bar is exclusive to EV SSL certificates.
SSL Certificate Providers
The most essential aspect of an SSL certificate is where it comes from, specifically the Certificate Authorities (CAs) issuing it. CAs are organizations that verify and authenticate the identity and legitimacy of the purchasing company requesting a certificate. The CA authenticates the applicant credentials using WHOIS database, Dun & Bradstreet data, photo ID’s issued by government organization or other credible sources to issue certificates and retain status information on them. Choosing the right SSL provider is of utmost importance because web browsers normally store a cached list of trusted CAs on file. The browser generally warns the user that the website may not be trustworthy when the digital certificate is signed by somebody not featured on the ‘approved’ list. When evaluating SSL Certificate providers, you also need to consider the data encryption level, web browser compatibility, and price.
You can purchase digital certificates from a domain name registrar or website hosting provider. If your site is hosted on a VPS or Dedicated Server, then it requires a dedicated IP address for each private SSL.
HostLabs provides two types of SSL certificates. A shared and a personal certificate.
The Shared Certificate is included with all Basic and Business plans. Shared SSL works only with html, and cgi/perl based documents/scripts/carts because of security restrictions on the servers. HostLabs do not offer a Shared SSL Certificate with the Windows plans.
If you require SSL for PHP, ASP, JSP pages you will need to purchase a personal certificate and dedicated IP. With a personal certificate your link would appear as https://yourdomain.com.
Alternatively you can also purchase your certificate from another Certificate Authority and have HostLabs install it.
Choose your SSL Certificate according to your website security needs and the volume of online transactions your website handles. In the end make sure your SSL Certificate is compatible with almost all browsers worldwide.