An introduction to SSL
This article is an introduction to key SSL concepts. If you plan on installing SSL certificates on your web site, this article provides the background information you need.
What is SSL?
SSL (Secure Sockets Layer) enhances a web site's security by providing two important features: encryption and authentication.
- Encryption means that the data sent between your web site and users is unreadable by others. When a user accesses your site using an SSL connnection (URLs that begin with https://), the web server and web browser exchange encrypted information. Contrast this with unencrypted web transactions, which are transmitted as plaintext and subject to eavesdropping.
- Authentication means visitors can trust that you actually are who you claim to be. When users access your site using an SSL connection, they can be confident that they are seeing your site, and not an impostor's. Whereas encryption helps protect data, authentication helps prove your identity to others.
When users visit an SSL-enabled site, most web browsers display a lock icon (usually in the address bar). To enable SSL for your own web site, you must obtain and install a certificate.
Does my web site need an SSL certificate?
If your web site handles personal data or any kind of payment-related information, you need an SSL certificate. Additionally, if your web site contains login forms where users log in with a username and password, you should protect their information with SSL. This helps prevent malicious actors from eavesdropping and stealing login credentials.
Most A2 Hosting servers support Server Name Indication (SNI), which means SSL certificates do not require
a dedicated IP address to work correctly. However, to ensure complete compatibility, you should consider purchasing a dedicated IP address. For more information about SNI support at A2 Hosting, please see this article
How do I obtain an SSL certificate?
There are several ways you can obtain an SSL certificate for your web site:
SSL certificate options for your websites
Just as there are a number of different types of websites, there are a number of different types of SSL certificates as well. Here is a breakdown of the different types of SSL certificates available. You're sure to find a solution that fits your specifics needs.
- Free SSL Certificates - There are free SSL Certificates options that help enhance the security of your website and increase the trust from your visitors. The benefits of these certificates include an easy setup as well as automated protection. While free protection is great, there are a few drawbacks including minimal features (learn about additional SSL features below) and the lack of a warranty.
- Single Site SSL Certificate - Advantages of a Single Site SSL compared to a free SSL include warranties, domain validation and site seals to display on your website.
- Premium SSL Certificates - Premium SSL Certificates are great for eCommerce and online business. In addition to dynamic site seals, Premium SSL Certificates also feature full business verification. These certificates help build trust with its visitors. Business verified SSLs allow end users to verify the company name, company address and the phone for the site they're visiting.
- Wildcard SSL Certificates - Wildcard SSLs are extremely popular because they allow sites to protect an unlimited number of subdomains. This money saving solution means that site owners do not have to purchase an individual SSL Certificate for each subdomain that they have.
- Advanced SSL Certificates - This is the ultimate SSL Certificate option featuring all the best features including a dynamic site seal, full business verification and extended validation (EV). EV offers the highest level of trust because the browser bar on your visitors' browsers turn green when they visit your site. This makes it clear visually that your site is SSL-protected.
SSL certificate brands
In addition to multiple types of SSL Certificates options that are available, each one is offered by a number of reputable brands. Some of the most popular and reputable brands that issue SSL Certificates include:
- GeoTrust - The digital certificate provider who is owned by the software solutions provider Broadcom. Since its launch in 2001, GeoTrust has been a leading provider of SSL Certificates
- RapidSSL - RapidSSL is a staple of the SSL Certificate industry. RapidSSL offers a number of secure and affordable website protection options.
- Sectigo - Formerly known as Comodo before its acquisition in 2017, Sectigo is one of the market leaders in SSL Certificates. Sectigo has you covered whether you need a Wildcard SSL, Organization Validated SSL, Domain Validated SSL or a number of different options.
- Symantec - A worldwide leading provider of affordable SSL Certificates, including those with EV protection.
SSL certificate features
What are the key features of an SSL certificate? Here is a breakdown of some of the most common terms and features you'll run across when choosing your SSL certificate:
- Warranty - Covers any costs or damages associated with a failure or mis-issuance of the SSL.
- Site Seals - Site seals come in two varieties; static and dynamic. Static seals are essentially an image that communicates that the website is secure. A dynamic site seal, on the other hand, can be clicked on and communicates important security details to your website visitor.
- Domain Validation - SSL Certificates that are issued only after the SSL applicant has proven ownership of the domain name.
- Organization Validation - The SSL is issued once the organization has gone through a more thorough vetting process including business identity and physical address.