What Is An SSL Certificate

Think of visiting a website as having a conversation. You exchange (a lot) information with the server and it responds back with data of its own. Some of the information exchanged is clear – and you provide it. Some of it, is exchanged behind-the-scenes, like your IP address, browser, and type of device.

If you were discussing something sensitive (your credit cards details, for example) you’d want that conversation to take place in a secure and confidential way, right?

What Is An SSL 

SSL, also called TLS (transport security layer), is a protocol for encrypting Internet traffic and verifying server identity.

SSL is short for secure socket layer – a technology that encrypts communication between users and a website. It takes the form of a certified piece of code on a website that links the encryption to the website.

Pretty straight forward.

This encryption ensures that important data such as usernames, passwords, and credit card information is sent from the user to the website without the risk of interception by “bad guys”.

Why Is An SSL Important

With data breaches being featured in the news on a far-to-regular basis, it is essential that businesses protect themselves, and their customers, with the use of SSL technology. Here are 3 main reasons why SSL is important.

  • It keeps user data secure – usernames, passwords, credit card information and other sensitive data
  • It verifies the ownership of the website – you know that hackers have not creaked a fake copy of the site to collect your information
  • It conveys trust 

What Kinds of Websites Needs An SSL

Every website. An SSL is not just for ecommerce sites, or membership sites.

  • If your site has a login, you need SSL to secure usernames and passwords (hint, EVERY site has a login)
  • If you are using forms that ask for sensitive customer information, you need SSL to stop your customer data from being appropriated by hackers (hint, contact forms as for names and emails, so they all ask for confidential info)
  • If you offer a freebie/resource in exchange for an email address, YOU ARE asking for sensitive information

SSL and Search Engine Ranking

While the real purpose of SSL is securing information between the visitor and your website, there are other benefits, namely pleasing Google and the opportunity for a page rank boost.

Google (and other search engines) are serious about its browser security, and has taken the stance that ALL data submitted to Google listed websites should be secured with SSL.

How Do You Know If A Site Has An SSL Certificate

If you’re not sure whether your (or any) site has SSL, you can easily find out by checking the URL of the site. If it starts with HTTP, you aren’t secure, and if it begins with HTTPS, then your website has an SSL certificate. The “S” actually means “Secure”.

See an example below.

https://www.thesoufulweb.com (site with SSL certificate)

http://www.thesoufulweb.com (site without SSL certificate)

Some internet browsers have began publicly shaming sites without SSL (I know!). Different browsers have imposed different indicators of whether a site is secure. For example, Google Chrome will signal the site is ‘not-secure’ in the browser bar while Firefox will label them ‘non-secure’.

How Do I Get An SSL Certificate

SSL certificates can be obtained via your webhost (or most webhosts, anyway).

The cost of an SSL certificate can range from free to hundreds of dollars, depending on the level of security you require.

For an SSL certificate to be valid, domains need to obtain it from a certificate authority (CA). A CA is an outside organization, a trusted third party, that generates and gives out SSL certificates. The CA will also digitally sign the certificate with their own private key, allowing client devices to verify it. Most, but not all, CAs will charge a fee for issuing an SSL certificate.

Once the certificate is issued, it needs to be installed and activated on the website’s origin server. Web hosting services can usually handle this for website operators. Once it’s activated on the origin server, the website will be able to load over HTTPS and all traffic to and from the website will be encrypted and secure.

Many webhosts offer a free SSL certificate that is shared among multiple customer domains. Usually, for websites that have minimal sensitive information they collect (names, and email addresses) a shared SSL is sufficient.

Keeping Your Visitor’s Browsing Experience Secure

It’s difficult to trust a website without an SSL certificate. And you shouldn’t submit any sensitive personal information to a page without one. Frankly, I would not share anything at all with a website that was not secured by a SSL.

Caveat. A SSL certificate doesn’t mean your information isn’t at risk at all. There are a number of ways that a website (that is not properly secured and maintained) can suffer a breach and your information can be compromised.

That is another conversation and another blog post.

This post may contain affiliate links. This means we may receive a percentage of the sale in commission.

We only recommend products we use ourselves and believe in. Thank you for supporting us!