All About SSL Certificates
The SSL protected websites have a lock symbol on top of the page, in the browser and/or a green bar. You will see them right before the ‘https://’ and the address of the website. That is how users know that the connection is secure.
SSL is usually used to ensure secure credit card transactions (when shopping online, etc.) or simply to secure data transfer or social media websites. It can be used by any internet service or corporation, banks, ecommerce platforms and so on.
The newer form of SSL is TLS (Transport Layer Security), which is more secure and evolved, but they operate in the same way.
How does it work
When you install an SSL on your server, the HTTP protocol will change to HTTPs (‘s’ meaning secure). SSL uses the principle of symmetric cryptography. Encryption ranges from 128-bit to 256-bit, but the higher the encryption, the better.
The browser that wants to connect to an SSL protected website has to create a Certificate Signing Request (CSR) on the server. It asks the server to basically identify itself. The server does so by sending a copy of its SSL certificate and if the browser trusts the received data, it messages back the server, creating a symmetric session key, with the help of the server’s public key. In response, the server sends an acknowledgement to start the SSL encrypted session (gives the browser the necessary ‘key’ to the ‘lock’). From that point on, the two parties communicate and share the encrypted data. That is when the ‘https’ makes its appearance.
An SSL Certificate can be bought from a Certificate Authority (CA).
Types of SSL
There are currently 3 types of SSL Certificate: Extended Validation (EV SSL), Domain Validated (DV SSL) and Organization Validated (OV SSL).
Domain Validated (DV SSL)
They are the cheapest ones and they are not used for commercial purposes. They are not as trust-worthy as the other two types. Although data IS encrypted with this SSL, you never know who is at the receiving end, since there is NO identity info displayed.
Organization Validated (OV SSL)
These are more trust-worthy and they are the most common ones required for commercial/public websites. They provide legitimate business info so you have visibility on who is behind the website.
Extended Validation (EV SSL)
This type of SSL Certificate is the most trusted and secure type of the three and it is used by all major leading organizations. It has been proved they improve customer confidence and increase online transactions.
SSL Certificates - What to Look For
Here are the most important things you should consider when you choose an SSL Certificate:
Choose an SSL that is adequate for your business/purpose.
As we’ve already mentioned, there are 3 types of Certificates and each of them is suited for certain types of websites. Sites can be personal or public, commercial or non-commercial.
Domain Validation (DV) is the cheapest and it is best tailored for internal or testing websites, that don’t do any commerce. So why spend more money if not necessary? Also, this type of certificate is issued in a very short period of time, almost instantly.
Organization Validation (OV) is suited for eCommerce platforms or websites that collect personal information. It is issued in approximately 1 day and it is more secure, but more expensive.
If you own a large business, a bank or a website where safety and privacy are your main concerns, you should probably consider Extended Validation (EV), which is the most advanced type of SSL Certificate. You will have to wait from 3 to 5 days in order for the certificate to be issued, but you will benefit from 2048-bit encryption and the green bar we mentioned in the ‘Introduction’.
How quickly do you need the SSL Certificate
This one is related to the aforementioned topic. SSL Certificates can be issued almost instantly or within 3 to 5 days, depending on the type of SSL you choose.
How many domains/subdomains do you want to secure
You can buy an SSL Certificate for a single domain, or you can opt for multiple domains. Do your research before making a decision.
There are single-name certificates, which can only protect a single domain, wildcard certificates, that protect an unlimited number of subdomains and multi-domain certificates, which can protect up to 210 domains (the number varies from provider to provider) with just a single certificate.
Technical support should be a priority
Even if you have to invest a bit more, try to choose an SSL provider that comes with quality technical support, on a 24/7 basis, if possible. You will appreciate this piece of advice on the long run.
Choose a provider that has several brand options
You don’t want to be given a biased suggestion when browsing for the right SSL. You should have a wide selection of options at your disposal.
Make sure they include a ‘money-back guarantee’
Check out the provider’s policy and go for a‘30-days money back guarantee’. A company that is willing to give you a refund without delays or complicated procedures is always more trust-worthy.
What is wrong with free certificates
You’re probably asking yourself why pay, when there are so many free options out there? Well, have you ever tried to access a website and got the following window: ‘this connection is untrusted’? Well, that was a site with a self-signed or free certificate. Every time users try to access a website that is secured in this way, most browsers will display that message. While some of the visitors will proceed anyway and choose to click on ’I understand the risks’, a lot of them will immediately click on ‘Get me out of here!’.