SSL Certificates – What, why, where and how?

SSL Certificates – What, why, where and how?

 

Google is now getting a bit sticky about SSL certificates.  They are not a legal requirement (yet) but due to restrictions that Google is enforcing, not having one can have an effect on your SEO. Effective July 2018, Google’s Chrome browser will mark non-HTTPS sites as ‘not secure’.

 

An SSL (Secure Sockets Layer) certificate is a digital certificate. It essentially authenticates the identity of a website and encrypts information sent to the server using SSL technology.

 

A certificate serves as an electronic “passport” that establishes an online entity’s credentials when doing business on the Web. An SSL certificate contains the following information:

 

  • The certificate holder’s name
  • The certificate’s serial number and expiration date
  • A copy of the certificate holder’s public key
  • The digital signature of the certificate-issuing authority

 

When installed on a web server, an SSL certificate activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer, and logins, and more recently is becoming the norm when securing browsing of social media sites.

 

SSL Certificates bind together:

  • An organisational identity (i.e. company name) and location.
  • A domain name, server name or hostname

 

A hosting provider has the SSL Certificate installed onto its web server to initiate a secure session with browsers. Once a secure connection is established, all web traffic between the web server and the web browser will be secure.

 


When secure, the application protocol (also known as HTTP) will change to HTTPs, here the ‘S’ stands for ‘secure’. Depending on the type of certificate you purchase and what browser you are surfing the internet on, a browser will show a padlock or green bar in the browser when you visit a website that has an SSL Certificate installed.

 

 

What is an SSL Certificate?

SSL Certificates are small data files that digitally bind a cryptographic key to an organisation’s details. When installed on a web server, it activates the padlock and the https protocol and allows secure connections from a web server to a browser. Typically, SSL is used to secure credit card transactions, data transfer, logins, and more recently is becoming the norm when securing browsing of social media sites.

 

 

 How Does an SSL Certificate Work?

SSL Certificates use something called public key cryptography.

This particular kind of cryptography harnesses the power of two keys which are long strings of randomly generated numbers. One is called a private key and one is called a public key. A public key is known to your server and available in the public domain. It can be used to encrypt any message. If Alice is sending a message to Bob she will lock it with Bob’s public key but the only way it can be decrypted is to unlock it with Bob’s private key. Bob is the only one who has his private key so Bob is the only one who can use this to unlock Alice’s message. If a hacker intercepts the message before Bob unlocks it, all they will get is a cryptographic code that they cannot break, even with the power of a computer.

If we look at this in terms of a website, the communication is happening between a website and a server. Your website and server are Alice and Bob.

 

 

Why Do I Need An SSL Certificate?

SSL Certificates protect your sensitive information such as credit card information, usernames, passwords etc. It also:

 

  • Keeps data secure between servers
  • Increases your Google Rankings
  • Builds/Enhances customer trust
  • Improves conversion rates

 

 

 

Where Do I Buy An SSL Certificate?

SSL Certificates need to be issued from a trusted Certificate Authority. Browsers, operating systems, and mobile devices maintain list of trusted Certificate Authority Root certificates.

The Root Certificate must be present on the end user’s machine in order for the Certificate to be trusted. If it is not trusted the browser will present untrusted error messages to the end user. In the case of e-commerce, such error messages can result in immediate lack of confidence in the website and you can risk losing confidence and business.

 

Check out what Barclays have to say about SSL Certificates in their new TV advert by clicking here!

 

Luckily, DP Marketing Communications are here to offer advice about the best option for your site. We have developed a FREE SSL Checklist to help you figure out what type of certificate you need. Enjoy!

 

 

 

Laura Timson
No Comments

Post a Comment

Comment
Name
Email
Website

This website uses cookies to give you the best experience. If you agree for us to use cookies on this device please click the 'Accept' button.