A Beginner's Guide To SSL Certificates and The Purpose Of Them!
# ssl monitoring

A Beginner's Guide To SSL Certificates and The Purpose Of Them!

Did you know that 46% of users wouldn't do any business online if the website they visited wasn't secure and didn't have an SSL certificate?

It's a solid statistic, and one that's growing week on week as website security has been ever more important for you and your website!

This is why your website, and any other website that you come across needs to have an SSL certificate.

In this article, I'm going to help you understand what an SSL certificate is, and what the purpose of one actually is, in an easy to understand format.

Are you ready? Let's dive into this.

What is an SSL Certificate?

what is an ssl certificate

An SSL certificate is a small data file that establishes an encrypted link between your web browser and the website's web server (or the web hosting).

SSL certificates are used to ensure that the data that is passed between the server and the browser is private, and understanding this should help you understand why they're so important.

If you've ever landed on a web page and visited a website, typically, in the web browser you'll see that the site should have https:// at the start of the domain name...

It's more common to find that a web browser, such as Chrome, will let you know when a website isn't secure, rather than when it is secure.

Why is this?

Well, it's because Google has increasingly been making it more of a requirement for websites to have a valid SSL certificate for many years now, and as a result, finds it easier to simply let you know when a website isn't secure, rather when it is.

How Do I Know If A Website Is Secure?

check if website is secure

When you visit a website, you should see that at the start of the domain name (you might need to click or tap the website URL to reveal this) it says: https://, this would indicate that you're on a secure site...

But it's not the only way to check, and I'd advise checking some other things as well just to be on the safe side:

  • Green padlock - look for a green padlock icon, if there's a padlock, you can click/tap it and it'll let you know if the site you're on is secure or not.
  • Value - does the website you're viewing provide you with enough value?
  • Trustworthy - if the website doesn't look trustworthy, it probably isn't. Is there a Terms page? Or a Privacy page? How about any form of contact information, email addresses etc

Sometimes it's not always clear that a website meets all of the above criteria for knowing if a website is secure, and even with all of this, it's still possible for hackers to spoof a website and make it seem secure, when in reality, it isn't.

Pay close attention to the website URL bar, you probably haven't paid much attention to this area previously but there's so much information that you can uncover here.

Is it safe to use a not secure website?

If you use Safari, whether that be on a Mac or on your iPhone, you'll be warned when visiting a website that is displayed as insecure.

You can still technically visit the website, but it's advised that you don't put any of your information into these websites.

If a website hasn't gone to the effort to get an SSL set up on their site, you've got to ask the question of why?

The 3 Common SSL Certificate Types

ssl types

There are some common SSL certificate types.) so it's useful to at least have an understanding of what they are, and I'm going to reveal to you the 3 most common types right now...

Extended Validation (EV SSL)

One of the first common certificate types, is the EV SSL.

This type of certificate will check the right of the applicant to use a specific domain name, and the reason the word Extended Validation is in the name, is because additional validation checks are carried out during the purchasing and installing of one.

Before one of these certificates is issued, the following steps are all carried out:

  • Verification check for the legal, physical and operational existence of the organisation/domain name
  • Checking whether the identity matches official records
  • A verification check is completed for checking that there's exclusive rights to use the domain specified in this certificate
  • Verify that the certificate has properly been installed

You're likely to find an EV SSL certificate being used in government bodies and large scale organisations such as Amazon and Apple...

Why?

Because these companies need to have the highest security to protect their customers.

Organisation Validated (OV SSL)

Another type of SSL certificate that you can opt for is an Organisation Validated certificate.

The CA (Certificate Authority) will check the right of the applicant to use a domain name, but in addition to this, will also carry out some additional organisation checks to ensure that the information displayed to the customer is accurate.

These SSL certificates tend to be a bit cheaper than an Extended Validation certificate, and are mostly used by small to medium organisations and businesses.

Maybe this type of SSL is right for you?

Domain Validated (DV SSL)

The third most common SSL type that you can go for, is the Domain Validated, or DV SSL.

These certificates are usually the cheapest of all of them, and are issued to the domain name in question almost straight away...

However...

There is one downside to using a DV SSL certificate, and that's the fact that there aren't any company identity checks that are carried out, so it might be worthwhile using this type of certificate if you've got a blog for instance rather than a larger website.

Monitoring Your SSL

monitor your ssl today

It's a good idea to start monitoring your SSL certificate on your website, certificates typically will expire more quickly than domain names since you might purchase a domain name for several years...

You might purchase an SSL certificate for a few years too, but might end up changing your mind on which provider to use, and plus, you'll need to keep a check on whether the SSL is installed properly as well.

This is why it's a great idea to use some kind of SSL monitoring tool, and there's quite a few different tools out there.

With our domain monitor, we'll keep a check on your SSL certificate and will alert you immediately before it expires so that you can take action to renew it!

If you enjoyed this blog post, feel free to share it with your friends and other people that you think might benefit from knowing a bit more about SSLs.

More posts

Introducing Two-Factor Authentication [Plus Additional Security Features]

We're pleased to announce that you can now enabled Two-Factor Authentication (2FA) in your Domain Monitor account. Enable it today to take advantage of additional account security.

Read more
Setting Your Time Zone [New Feature]

Time Zones, they're a pain. Recently, here in the UK the clocks have gone forward, and for many of you, you’ve probably forgotten a few clocks or watches around the house right?

Read more
Introducing Slack Notifications [Third-party Integration]

I'm pleased to announce that we've just launched our Slack Integration as a new Notification Type, and you can enable it today!

Read more

Get our FREE downloadable PDF revealing The Top 3 Benefits Of A Website Monitoring Tool!

Plus, more great content, product news and updates