Privacy is the big pillar that most companies, governments and businesses are talking about in todays always-online society. We want to take a few moments to answer a question that we are hearing from small business owners more and more: What is an SSL certificate?
A little history
SSL certificates as we know it all began in 1994, when Netscape adopted this type of secure communication to create a secure path between sender and receiver. Secure communications for most large agencies, including government bodies was a large focus of attention as the world slowly started to stumble onto the internet. For a more detailed history of how SSL certificates, and the encrypted keys they transmit came to be, a quick google search in Wikipedia will give you an ample afternoon of reading.
So what exactly is an SSL certificate?
An SSL certificate is a grouping of small data files. These data files will bind a key to a website and the organization’s identity. Essentially, it confirms that the website is who they say they are. When an SSL certificate is activated on a website, your connection, or your customers connections are secure and protected.
Companies and organizations need to install these certificates onto web servers to initiate secure sessions with web browsers like Chrome, Safari, Mozilla etc.
Why should I have an SSL certificate?
To put it simply: it provides a secure and reliable private connection for your clients.
If you’re a company that wants to keep your data secure, increase your Google rankings (more on this in another post!), enhance the trust you receive from clients and customers, keep your customers credit card information secure, login details hidden, or anything that is sensitive, you should have one installed on your site.
Let’s install an SSL Certificate!
We like where your head is at but let’s take one tiny and important step back for a second. Did you know there are multiple types of certificates based on the activities of your site?
Depending on the goal of your website, you may not need the most advanced and most expensive SSL certificate available.
What types of SSL Certificates are there?
A padlock beside the URL (typically to the left) will appear on sites with SSL certificates. In EV SSL Certificates, you can click on these padlocks to see if your entire connection is secure or not.
The types of SSL Certificates are:
- Extended Validation (EV SSL) Certificates
- Organizational Validated (OV SSL) Certificates
- Domain Validated (DV SSL) Certificates
We are only going to touch on the type of SSL that is most scrutinized for acceptance, and the one that is the best fit for most small businesses.
1. Extended Validation (EV) SSL Certificates
Take a look at the images above. Both taken from a Safari browser, but Chrome will act int he same way. I’ve used GlobalSign.com to demonstrate an EV SSL Certificate.
An EV SSL Certificate has the highest level of scrutiny on the whole. This certificate verifies legal, physical and operational existence, that the identity and entity match official records, and that the domain has the only rights to use the domain specified.
For most businesses owners, this is overkill, and even websites like amazon.ca don’t place this burden on itself. But let’s talk about what Amazon and most other sites DO use.
2.Domain Validated (DV SSL) Certificates
The DV SSL Certificates are a cost effective solution for small businesses who don’t take payments on their website. For example:
#1 – Jody has a website that sells yoga classes, but when new customers go to sign up, they are linked to an external site to pay.
#2 – Keith has a website that sells furniture, and lists all the products on his site. When a customer wants to purchase furniture they must contact Keith, or a link directs them to a payment terminal outside of the website (like, Stripe, PayPal, etc).
In both of these examples, the payment processor is not on the website. Most scheduling and payment plugins that extend to other sites acquire their own SSL certificates.
If you plan to take payments on your website directly, and you do not use a site like Squarespace that offers SSL included, you will need to move up your certification to a tier higher to ensure the type of encryption and trust is present.
Even if you don’t sell anything or transmit sensitive information on your site, adding a free public SSL is a great way to boost your authority with Google, and provide peace of mind for your users.
We can help with that!
So now I’m ready, how do I install an SSL certificate?
If you don’t have someone managing your website, like Pilot, we recommend going this way:
- If you’re on WordPress, contact your web hosting company: In most cases your web hosting company has support on staff to help you obtain and install SSL Certificates in a no hassle fashion. Our preferred web-hosting domains are: A2Hosting & SiteGround.
- If your website is only focused on selling products, consider using Shopify, Etsy, Squarespace or any e-commerce focused web-platform. You will have certificates built into your website that is acceptable for Google and consumer trust!
The world of SSL certificates can seem very confusing, but the main take away is that SSL Certificates provide a way to ensure that the communication between the web-site and the end user is encrypted, secure and safe.
We hope this has helped see the importance of SSL certificates. If you need your website updated to include SSL certification, we can help! Reach out to us on our contact page.