Blog
What is SSL and how to choose one for your website
If you look at the address bar in the browser tab, you can see the symbols http or https before the name of any website. This refers to the protocol used to connect a user's browser to the website. HTTP stands for Hypertext Transfer Protocol. It's great for transferring messages, but unfortunately it doesn't provide enough protection for your Internet connection.
The HTTPS protocol is used to protect data. The letter "S" here means "security" and implies the use of a cryptographic encryption. HTTPS requires a website to have a special SSL certificate. This is a unique digital signature that confirms authenticity and security. Packets over https are transmitted in encrypted form, and even if a hacker intercepts them, he will not be able to decrypt and use them.
It is possible to check if a website has an SSL certificate by checking the lock icon next to its address. If it is missing, the browser will display a warning about insecurity: the packets you send may be stolen It is strictly forbidden to create a personal profile on such a resource and especially to enter bank card credentials.
Who needs an SSL certificate?
SSL certificate is essential for web resources that involve working with personal data. It is impossible to secure transactions on marketplaces and other services without an encrypted connection. Cryptography reduces the vulnerability and probability of data interception by intruders. In addition, there are other tangible benefits:
- Increased trust of visitors. People get used to see the lock icon in the address bar. All the large IT-projects switched to HTTPS a long time ago. SSL certificate shows a visitor that he is protected.
- Ability to connect third-party services. Modern payment and auxiliary web services (e.g., various Google tools) can only work with IT resources that have an SSL certificate. If you need to integrate third-party elements, you can't do without SSL.
- Improved search engine ranking. Search engines motivate website owners to certify web projects in their own way. For example, Google directly claims that HTTPS is a ranking factor in search. So, if you don't want to end up on the fourth page of a search results for your topic, enable SSL.
- Compliance with personal data protection laws. For example, European GDPR law requires legal entities including websites that collect personal data to use encryption. SSL helps meet the requirements of these type of laws.
Types of certificates
Depending on the source of origin, the number of connected domains, as well as validation methods, there are different classifications of certificates.
- Self-Signed. This certificate is signed directly by your server. Any user can generate it by himself. However, there is not much use for it - browsers will still display a notification that the Internet connection is not secure when you access a page with a self-signed certificate.
- Signed by a certification authority (CA). Such certificates are signed by special organizations, which guarantee the authenticity of a digital signature. There are not many certification authorities, the most famous are: COMODO, CloudFlare, LetsEncrypt.
Certificates from certification centers are divided into groups based on the type of data that should be verified in order to obtain it:
- Domain Validation (DV). Basic level. It provides cryptographic encryption and HTTPS connection. But it does not contain proof of the actual existence of the company.
- Organization Validation (OV). Allows establishing an encrypted web connection, but also certifies the validity of the company received this certificate. Only official legal entities can obtain it.
- Extended Validation (EV). The highest level of certification available to online businesses. In order to obtain it, you have to go through extended validation and provide the necessary documentation to prove your rights for the domain name.
Certification Authority also allows you to enable additional options:
- SAN. Upon obtaining a certificate, clients specify a list of domains that will be covered by the certificate.
- WildCard. Certification covers the domain name and all subdomains.
How to choose an SSL certificate?
The choice of certificate should be made based on your business needs. A FinTech project and a landing page for booking a webinar need a different level of SSL certificate. It is preferable to install a certificate before launching a web project. This will help to immediately take more favorable positions in search engines. You can add an HTTPS exchange very quickly, but the Google algorithms may notice it only after several months.
SSL certificates pricing varies from zero to several hundred dollars per year. If you are a local business owner or have a non-profit IT project, you can get a free SSL certificate. However, a large project that involves the processing of personal data and payments - it is recommended to get a paid one. Once you have decided on the number of domains to be connected and the type of verification, you can proceed to selecting a certification authority that offers the required set of services.
How to get a free SSL?
Free SSL certificates mostly belong to the Domain Validation category. They are suitable for small websites which do not ask for any sensitive data, e.g. a credit card number. DV-certificate is suitable for:
- a personal blog;
- a company's landing page;
- one-page website for registering for an event.
You can get a free SSL certificate from almost any CA. Most of them provide certificates with short validity period. For example, Let's Encrypt and COMODO offer free DV certificates for 90 days, as well as wildcards. In addition, many hosting providers provide DV certificates in a bundle with your hosting package.
However, DV does not guarantee that the website belongs to a real legal entity. For payment systems, marketplaces and other Internet projects that request banking information, it is better to have OV or EV certification.
How to install an SSL certificate on my website?
To make an SSL certificate working, you need to do the following:
- Preconfigure your server and make sure that the data in the WHOIS section matches the one sent to the CA.
- Create a request for signing the SSL on your server. Your hosting provider can help here.
- Send a request to verify the SSL certificate and information about the organization and domain name.
- Install ready SSL certificate on the site after validation.
Depending on the selected CA and verification method, certificate release may take from several minutes to several weeks (for extended validation).
Summing up
An SSL certificate provides a secure data exchange between a website and a user's computer. Thanks to cryptography, hackers will not be able to steal your data for their own purposes. It is not only about protection, but also about the trust of your visitors, search engine ranking and possibility of installing additional options.
There are many companies on the market that release SSL. Based on your needs and objectives, you should install an SSL certificate to your website for free or choose a paid one which provides better protection and a range of features.