Did you know that 46% of users wouldn't do any business online if the website they visited wasn't secure and didn't have an SSL certificate?
It's a solid statistic, and one that's growing week on week as website security has been ever more important for you and your website!
This is why your website, and any other website that you come across needs to have an SSL certificate.
In this article, I'm going to help you understand what an SSL certificate is, and what the purpose of one actually is, in an easy to understand format.
Are you ready? Let's dive into this.
An SSL certificate is a small data file that establishes an encrypted link between your web browser and the website's web server (or the web hosting).
SSL certificates are used to ensure that the data that is passed between the server and the browser is private, and understanding this should help you understand why they're so important.
If you've ever landed on a web page and visited a website, typically, in the web browser you'll see that the site should have
https:// at the start of the domain name...
It's more common to find that a web browser, such as Chrome, will let you know when a website isn't secure, rather than when it is secure.
Why is this?
Well, it's because Google has increasingly been making it more of a requirement for websites to have a valid SSL certificate for many years now, and as a result, finds it easier to simply let you know when a website isn't secure, rather when it is.
When you visit a website, you should see that at the start of the domain name (you might need to click or tap the website URL to reveal this) it says:
https://, this would indicate that you're on a secure site...
But it's not the only way to check, and I'd advise checking some other things as well just to be on the safe side:
Sometimes it's not always clear that a website meets all of the above criteria for knowing if a website is secure, and even with all of this, it's still possible for hackers to spoof a website and make it seem secure, when in reality, it isn't.
Pay close attention to the website URL bar, you probably haven't paid much attention to this area previously but there's so much information that you can uncover here.
If you use Safari, whether that be on a Mac or on your iPhone, you'll be warned when visiting a website that is displayed as insecure.
You can still technically visit the website, but it's advised that you don't put any of your information into these websites.
If a website hasn't gone to the effort to get an SSL set up on their site, you've got to ask the question of why?
There are some common SSL certificate types.) so it's useful to at least have an understanding of what they are, and I'm going to reveal to you the 3 most common types right now...
One of the first common certificate types, is the EV SSL.
This type of certificate will check the right of the applicant to use a specific domain name, and the reason the word Extended Validation is in the name, is because additional validation checks are carried out during the purchasing and installing of one.
Before one of these certificates is issued, the following steps are all carried out:
You're likely to find an EV SSL certificate being used in government bodies and large scale organisations such as Amazon and Apple...
Because these companies need to have the highest security to protect their customers.
Another type of SSL certificate that you can opt for is an Organisation Validated certificate.
The CA (Certificate Authority) will check the right of the applicant to use a domain name, but in addition to this, will also carry out some additional organisation checks to ensure that the information displayed to the customer is accurate.
These SSL certificates tend to be a bit cheaper than an Extended Validation certificate, and are mostly used by small to medium organisations and businesses.
Maybe this type of SSL is right for you?
The third most common SSL type that you can go for, is the Domain Validated, or DV SSL.
These certificates are usually the cheapest of all of them, and are issued to the domain name in question almost straight away...
There is one downside to using a DV SSL certificate, and that's the fact that there aren't any company identity checks that are carried out, so it might be worthwhile using this type of certificate if you've got a blog for instance rather than a larger website.
It's a good idea to start monitoring your SSL certificate on your website, certificates typically will expire more quickly than domain names since you might purchase a domain name for several years...
You might purchase an SSL certificate for a few years too, but might end up changing your mind on which provider to use, and plus, you'll need to keep a check on whether the SSL is installed properly as well.
This is why it's a great idea to use some kind of SSL monitoring tool, and there's quite a few different tools out there.
With our domain monitor, we'll keep a check on your SSL certificate and will alert you immediately before it expires so that you can take action to renew it!
If you enjoyed this blog post, feel free to share it with your friends and other people that you think might benefit from knowing a bit more about SSLs.
We're pleased to announce that you can now enabled Two-Factor Authentication (2FA) in your Domain Monitor account. Enable it today to take advantage of additional account security.Read more
Time Zones, they're a pain. Recently, here in the UK the clocks have gone forward, and for many of you, you’ve probably forgotten a few clocks or watches around the house right?Read more
I'm pleased to announce that we've just launched our Slack Integration as a new Notification Type, and you can enable it today!Read more
Plus, more great content, product news and updates