What is an SSL certificate and why do I need it?
Security is increasingly important on the Internet. Any site that acquires a reputation for unreliability or insecurity appears spammy and loses our confidence in visiting it. On the other hand, a site that can prove it takes security seriously can attract more visitors. And that can be good, whether your web site is for a small business, a membership service, or e-commerce. Web surfers and online shoppers also increasingly recognize the on-screen presence of a small padlock icon or a website address that begins with “https://…” as signs that they can trust the site they’re connecting to. That’s SSL or ‘secure sockets layer’ in action.
The biggest reason websites use SSL is to protect sensitive information that’s sent between computers and servers. If information like credit card numbers, passwords, and other personal information isn’t encrypted this leaves it open for hackers to easily step in and steal the information.
With the SSL certificate installed on your web server, your information is unreadable to anyone who attempts to steal it. The only people able to decipher it are the intended recipients at the other end of the connection.
With an SSL certificate, your customers can do business with you knowing that their information is going to be safe from identity thieves and potential hackers.
How Does an SSL Certificate Work?
SSL operates between a visitor’s browser and your site or application. It’s an industry-standard mechanism that ensures the encryption of data being passed backwards and forwards, so that no unauthorized person can spy on the information and hack it. It also prevents cyber criminals from diverting visitor traffic to their own site using their own encryption, and gaining access to your data that way. All major web browsers have SSL capability built in.
SSL certificates add an additional level of security between your website and the information visitors are sharing. They protect your website in two main ways:
Enabling EncryptionIt can be scary to share your personal and financial information online. A lot of people prefer to use large-scale eCommerce sites like Amazon, because they feel much safer and protected. With an SSL certificate sensitive data will remain encrypted and secure, thus providing your customers with a sense of relief.
Verifying the Identity of the Site OwnerThe SSL credential identifies the owner of the website, and create an additional layer of trust. Put simply, your customers will know with whom exactly they’re doing business. Before the certificate can even be issued the identity of the website owner has to be verified through multiple methods. With digital communication it’s often difficult to determine the person on the other side of the connection, but with an SSL certificate you can be sure you’re doing business with your intended recipient, and vice versa.
With an SSL certificate installed on your site, there is a two key encryption exchange between the browser and the web server hosting your site. Both a public and private key agree on a key for the exchange. Anyone can encrypt using the public key but only the server can decrypt using a special private key. Finally, a digital signature is “signed” by a certificate authority, a kind of notary for the web.
Installing an SSL certificate on your web server for your website is like getting a vaccine to protect your site from hackers and viruses. Eventually it will be the new standard for all websites. As of this date, 30% of all websites have https over http, up from 7% in 2014. Google is pushing for all websites to have an SSL certificate and presently gives a search ranking boost to those that have it. Starting in 2017, you may see more “warning” messages in the Chrome browser when you visit sites that are not secured with the SSL.