What is an SSL Certificate?
Only websites with SSL certificates are shown as ‘secure’ by major browsers
SSL (Secure Sockets Layer) certificates are what enables encrypted communication between a browser and a web server. When a website has an SSL certificate, there is a lock displayed in the address bar. They’re also what changes the HTTP in your URL to HTTPS. By displaying a lock and HTTPS in your URL, you are informing your viewers that your website is secure.
The good news is that SSL certificates are included in all our hosting plans making your site secure while protecting sensitive information like credit card details.
For businesses that wish to succeed online
- 200 GB
- 500 mail accounts
- Website Builder
- 1-click WordPress
- 5 websites
How do SSL Certificates work?
SSL technology goes into in-depth technical detail. Essentially, three keys make up an SSL connection; private, public and session keys. Anything encrypted with the public key can only be decrypted with the private key and vice versa. To help you understand, we’ve listed the steps taken between the browser and server:
- The browser connects to a website secured with an SSL certificate. Here it requests that the server identifies itself.
- The server sends a copy of its SSL certificate, including the servers public key.
- The browser checks the certificate against a list of trusted certificate authorities. It will check that the certificate is in date, and un-harmed.
- Next, the server decrypts the session key, using its private key and sends back an acknowledgement receipt.
- Finally, the server and browser encrypt all transmitted data within the session key.
Here’s a simplified example. Let’s suppose there are two people, Alice and Bob. Alice wants to send Bob a message but is worried her message might get intercepted. By encrypting the message with Bob’s public key, only his private key can unlock the message.
If Alice gets a response claiming that it comes from Bob, she can verify if it came from Bob. If it was encrypted by Bob using his private key, it should be able to be decrypted by Bob’s public key.
What information does an SSL certificate contain?
• Your domain name
• Who the certificate was issued to.
• Which certificate authority (CA) issued it.
• The CA’s digital signature.
• Any associated subdomains.
• The date the certificate was issued.
• The expiration date of the certificate.
• The public key (the private key is secret!)
Why do I need an SSL Certificate?
The main reason in which SSL certificates are used is to keep sensitive information and data on the internet, safe. However, there are numerous other reasons why you need to have an SSL certificate:
- Establishing trust – SSL certificates create a secure environment for visitors. It ensures that all data between the browser and the web-server is encrypted. If a malicious actor were to intercept web traffic to your site, it would be jumbled up. Meaning, data such as personal and credit card information doesn’t fall into the wrong hands.
- Search Engine purposes– Google has stated that websites with an SSL certificate are more trustworthy from an SEO point of view. Therefore, they will penalise websites without an SSL certificate. Instead, they will push for websites with an SSL certificate to appear higher in the search engine: meaning, more views.
- Keep visitors– Most users will be deterred by the ‘not secure’ label on a website and leave. If you want to make sure visitors stay on your site, you should get an SSL certificate.
- Website speed– The HTTPs in your address bar, makes your website load faster. Thereby improving your website performance and in turn, improving your search engine ranking.
Important takeaway: SSL certificates allow websites to authenticate themselves. An authenticated website prominently displays a lock in the address bar on all major browsers. Conversely, browsers like Chrome label websites without SSL as ‘Not Secure’ in red.
Where do I buy an SSL Certificate?
SSL Certificates can be purchased from Certificate Authorities or your web or with your domain hosting provider.
We include and integrate a free wildcard SSL certificate into all one.com hosting packages, so you don’t have to spend time on multiple sites trying to configure DNS Records. You can redirect all traffic to your site to follow HTTPS as detailed in this guide to managing SSL certificates.
Types of SSL Certificates
SSL Certificates can only be issued by one of only a few Certified Authorities (CAs). The CAs provide several levels of validation, some of which require a stringent manual check. That’s why the cost of an SSL certificate varies. If you purchase a hosting package from one.com, an SSL certificate is provided free of charge. If you’re interested, here are the various validation levels and certificate types and what they mean:
Validation Levels
Extended Validation
Extended Validation (EV) is the highest level of validation. The certificate authority (CA) only awards the EV certificate after a rigorous background check following strict industry guidelines from the CA/B (Certificate Authority/Browser) Forum. It is thus the most expensive type of validation and widely used by large e-commerce sites and banks.
Organisation Validation
Organisation Validation is the next highest level of validation. It is also awarded after the certificate authority (CA) conducts a manual vetting process. It does not have to conform to CA/B Forum standards and is thus less expensive than an EV certificate.
Domain Validation
Domain Validation certificates are typically used by small businesses and startups. While they provide the same levels of encryption as the other certificates, they are issued without manual vetting after an automated process. It is thus faster and cheaper than Extended and Organisation Validation.
Certificate Types
Single Domain Certificates
Single Domain Certificates, as implied in its name, cover a single domain and all paths leading from it. It is available at all three validation levels at various price points and is the most common for small companies and startups.
Wildcard Domain Certificates
Wildcard Domain Certificates cover all subdomains at a given domain. For example, if your domain is www.domain.com, a Wildcard Domain Certificate also covers subdomains like store.domain.com and country.domain.com. It is usually expressed by a wildcard character, or *.domain.com, which is where the name comes from. It is also available at all three validation levels.
Multiple Domain Certificates
A single Multiple Domain Certificate covers up to 100 unique domains. It is also easy to add or remove domains to the certificate, which allows network administrators to manage it easily. Like the other two types, it is available at all three validation levels and can be cheaper than purchasing multiple Single Domain Certificates.