Have you ever seen that little gray padlock symbol to the right of a URL you type in your browser? For most people, the idea of getting locked up isn't all that attractive. But, for some reason, when it comes to website security when we see the padlock, it makes us feel all warm and fuzzy, safe and secure inside. And that's what SSL certificates are all about.
What Is an SSL Certificate?
Get a Free SEO Audit and Increase Rankings
First things first. Let's get the acronym issue out of the way. SSL stands for "Secure Socket Layer." We're sure that answers all your questions. Yeah, it doesn't do that much for us either.
In layman's terms, an SSL certificate is a type of technology that creates a secure link between a customer and a server. For example, if you visit an e-commerce website that has an SSL certificate and you make a purchase, you can feel pretty good that your name, address, credit card, and other personal information are safely and securely transmitted from you to their network and that no outside actors can get between the two of you. Hackers that do get between browsers and websites like to call those interceptions "man-in-the-middle" attacks. You don't want them!
Accomplished person that you are, you may have a dozen or more certificates on your office wall. But SSL certificates aren't anything like those. SSL certificates are tiny data files that create encrypted links between servers and browsers ensuring that all the data that passes between them stays private.
These data files contain several bits of information, the most vital being the website's "public key" and its corresponding "private key." Both are long strings of characters that encrypt and decrypt the information that is transmitted. Are you a fan of cryptogram puzzles? Public and private keys are a bit like that but taken to a highly sophisticated level.
SSL certificates also contain information about the person or organization the certificate was issued to, the authority that issued it with its digital signature, the certificate's issue and expiration dates, and other important information.
So How Do I Know If a Site Has an SSL Certificate?
Subscribe to our mailing list and get exclusive content (you can unsubscribe at any time, but you won’t want to 😉):
In addition to that padlock icon, websites that have a URL that starts with https:// instead of http:// have SSL certificates. That added "s" lets you know the connection is secure and though it may be tiny, it carries a whole lot of weight. Whether your online activities are to make purchases or just to find information, you always want to deal with sites that have the added "s."
This means you'll want an SSL Certificate for your site too.
What If I Don't Have an E-Commerce Business? What Can an SSL Certificate Do For My Website?
You may not have an e-commerce business, but if you want to get leads, you may very well have a form on your site that asks visitors to provide their names, phone numbers, and email addresses so you can provide them with more information. Without an SSL certificate protecting that personal information, it won't be safe from hackers.
Additionally, if you have any pages on your website that are password-protected, you'll be opening the door to having them manipulated or deleted altogether by malware.
And don't think your site is too small for anyone to bother with. Hackers often utilize bots that don't necessarily differentiate between large and small businesses.
Need another reason? A few years ago, Google's Chrome browser started displaying a "Not Secure" warning before any URLs in an address bar that lacked SSL. Think about what YOU do if you're doing a search and that warning comes up. If you're like most people, you exit out to safety. If you don't have an SSL certificate, visitors will do the same with your site.
Oh, and one more thing. You might not know it, but SSL certificates are good for your search engine optimization (SEO) efforts as well. Google ranking is all about listing trusted websites, so it's only natural that they give https sites a higher priority than http sites. Skip getting that certificate and you may drop a few rungs on the SEO ladder.
Are There Different Types of SSL Certificates? Which Websites Use Them?
You bet there are different types! In fact, there are three broad categories that SSL certificates fall under, and they're based on the level of validation and encryption they provide or by the number of domains or subdomains covered by the certificate. Ready to review them?
DV certificates are the most basic type of certificate and require minimal encryption. These certificates verify that the requester of the certificate is the owner of the domain that the certificate protects. Most often they are obtained for blogs and informational websites.
Organization-Validated (OV) Certificates
OV certificates verify the businesses, non-profits, or
governmental organizations that request them. They require an extensive
validation process. Often these certificates are obtained if the organization
requires code signing, document signing, or authentication of their clients.
Extended-Validation (EV) Certificates
These are the highest-ranked and most expensive SSL certificates. Like OV certificates, these require website owners to go through an extensive validation process, but the EV process is even more rigorous. EV certificates are obtained primarily for sites that ask for a substantial amount of personal information like medical providers and financial institutions.
I Like FREE stuff! Where Can I Get a FREE SSL Certificate?
Let's Encrypt provides free DV certificates only and is a trusted, global CA for custom websites, WordPress sites, and virtually any server that uses a domain name. What's more, Let's Encrypt is supported by all major hosting providers and platforms. A non-profit organization, its goal is to promote the widespread adoption of secure websites.
Are Websites Completely Protected With SSL Certificates?
Unfortunately, the work of unscrupulous hackers seems to be dominating the news more and more lately, so it would be ill-advised for us to say you'll always be completely safe. That being said, an SSL certificate is your best defense against a cyber-attack.
Not every phishing scam seeks personal or credit card information. Some malware is planted just to create havoc with websites. The last thing you want is some malicious hacker destroying all your hard work. Getting an SSL certificate will both safeguard your website and communicate to visitors that your site can be trusted.
As you can see, we care about your safety too. We hope it gives you a warm and fuzzy feeling.