Here is a basic illustration of how SSL certificates work. When a website without an SSL certificate is loaded, all the information sent by the browser to the web server is sent as plain text and anyone watching the web traffic can see and intercept that information. A secure website ensures that information sent to and from the server is encrypted and unreadable by anyone snooping.
Also, another thing that happens when a browser attempts to connect to a website is that the web browser requests that the web server on which the website is hosted to identify itself. The web server then sends the browser a copy of its SSL certificate, which the browser checks to see whether or not it trusts the SSL certificate. If it finds a trusted certificate, the web browser loads the site and displays a green padlock or green bar, depending on the grade of the certificate.
Are SSL Certificates necessary?
In the past, if your website didn’t collect sensitive data, like credit cards or social security numbers, you may not need to have an SSL certificate installed for it. But times have changed and SSL certificates are now required on all websites, otherwise web browsers will notify your website visitors that your website is not secure.
Such a notification creates trust issues and your website visitors may leave even if they were not going to submit any information or make a purchase. As such, it has become essential for every website to have an SSL certificate, no matter how basic.
Why you need an SSL Certificate
In the past, you may not have needed to worry about whether or not your website has an SSL certificate. But in 2017, Google released a statement announcing that that would mark “any sites that begin with http:// that collect passwords or credit card numbers as not secure.”
If your site falls in this category, even if it requires users to login only, you need an SSL certificate. You do not want your website visitors and users leaving your website because they are afraid that it isn’t secure.
Do SSL Certificates expire?
Yes; they do. By default, SSL certificates are renewed annually.
Why should I buy one when my webhost provides free SSL Certificates?
Some webhosts provide free SSL certificates for all websites hosted on their service. Such free certificates are usually the most basic types and are okay for personal websites and even business websites that do not collect any sensitive data from users.
But if your business website requires that users submit sensitive data, the free SSL certificates may not be sufficient for your website.
Credit cards and social security numbers are two of the most notable types of sensitive data that need an SSL certificate. If your business website collects sensitive info and requires trust, a paid certificate is the way to go. Paid certificates are issued and signed by a trustworthy certificate authority (CA).
You see, SSL certificates are not all the same. They come in grades and capabilities. The more sensitive information and transactions your website requires, the higher the grade of SSL certificate it needs.
I don’t need a paid certificate; where can I get a free SSL certificate from?
If you want a free certificate, these websites offer them:
Different kinds of SSL Certificates
There are three broad categories of SSL certificates, as follows:
Domain Validated Certificates (DV SSL)
DV SSL certificates are the lest expensive type and are used to secure basic personal and business websites that collect basic data or require user login. These are Domain Validated certificates and are also often single-domain certificates. That means they secure only the main domain name of your website i.e. yourdomain.com.
Organisation Validated Ceritificates (OV SSL)
Intermediate SSL certificates are required for businesses that collect more sensitive information. They also provide a higher level of trust. These are Organisation Validated certificates and require a more detailed process to obtain.
Extended Validated Certificates (EV SSL)
EV SSL certificates are deployed for full-scale ecommerce operations where highly sensitive information are collected. These certificates are the ones that add a green bar and business name in the browser’s address bar, like this:
EV certificates are the most secure and also the most expensive.
Lastly, note that regardless of grade of certificate, the certificate may be single-domain, multi-domain or wildcard. Single domain certificates secure only the top-level domain name of your site, e.g. stingero.com.
Multi-domain certificates secure the top-level domain and 100 sub-domains e.g:
Wildcard certificates secure the top-level domain and all sub-domains under it. The difference between multi-level and wildcard certificates is that the former has a limit to the number of sub-somains that can be secured.
How do I get an SSL certificate for my website?
You can get an SSL certificate for your website by buying from us here. We handle the technical setup so you do not have to worry about creating and installing it on your website. Usually, from order to setup is a matter of minutes for DV SSL if you have all required details ready. The process is longer and more detailed for OV and EV SSL certificates.
Regardless of the type you are ordering, we will need to correspond by email during the setup process, as some approvals are required.
To get started, pick the grade of certificate that fits your need, click the order link and complete the process. All fees stated below are annual.
For all enquires about our SSL Certificates service, please email: firstname.lastname@example.org.