What is an SSL Certificate?

SSL or Secure Sockets Layers are small data files that authenticate the identity of a website through a cryptographic key. Once installed into the website server, it activates the https protocol (over port 443). Originally, SSL was used to secure credit card transactions, bank and data transfers, as well as logins. In recent years, however, it has slowly become the norm when it comes to browsing web pages and social media sites.

SSL Certificates contain the following information:

• Certificate holder’s name/website owner
• Certificate’s serial number and expiration date
• Copy of the certificate holder’s public key
• Digital signature of the certificate-issuing authority

A company or website owner (or their web host / website developer) needs to install the SSL certificate onto its website server to initiate secure browsing.

Types of SSL

There are different types of SSL based on the number of domain names or subdomains that the owner has.

• Single – secures one fully-qualified domain name or subdomain name
• Wildcard – secures one domain name and an unlimited number of subdomains
• Multi-Domain – secures multiple domain names

There are also different levels of validation, these are:

Domain Validation – covers the basics of data encryption and validation of domain ownership. It’s the least expensive validation and can be received within a few hours.

Organization Validation – If you’re an organization requesting a certificate, your company name and address are also authenticated, on top of the basic encryption. It can take a few hours to several days before you can receive the certificate.

Extended Validation – This provides the highest degree of security as it conducts a thorough examination of the website. In addition to basic encryption and business ownership, legal, physical, and operational existence of the company is also verified. It can take weeks before this type of certificate is released.

Importance of SSL Certificate

In addition to data encryption, an SSL also provides authentication. This allows you to send information to the right server and not to a hacker trying to steal your information.

Getting a certificate has become important as activity on the Internet has proven to be unpredictable. Many hackers have perfected the art of hiding their activities, and you may never actually be aware that sensitive information associated around your website has been hijacked by cyber criminals until irreparable damage has been made to your online reputation.

If you’re a website owner, security should be your highest priority to prevent being hacked. Installing SLL to your website helps ensure that each data transaction is securely transmitted from the browser to its destination. Whether your website is a simple blog or a busy eCommerce platform, giving your visitors and customers a safe browsing experience is quintessential for any kind of online business.

If you’re a website visitor, make sure that you take a closer look at every website you come across. Be careful when interacting with websites that you’re not familiar with. You can check if the website is secured when you see the padlock icon and “https” in the website url. This is an indication that the web page has an SSL certificate. Without the padlock icon or https, then be consider if it is really necessary for you to fill in a form / sign up to a newsletter, etc. on that website. If it’s not – then it might be best to err on the side of caution and don’t expose your details.

Trusted SSL providers will issue a certificate to verified companies that have gone through all the steps of identity checks. Most SSL certificates are issued by Certificate Authorities. These organisations are trusted to verify the identity and authenticity of the person or company requesting a certificate. However, you may also obtain your SSL certificate from a domain name registrar or website hosting provider.

To obtain an SSL certificate, you need to prepare the following:

1. Set up your server and get your WHOIS record updated. Make sure that it shows the correct company name, address, and other vital information about you and your website
2. Generate the CSR (Certificate Signing Request) on the server
3. Submit the CSR and other important information to the Certificate Authority
4. Wait for your website to be verified
5. Install certificate
6. Once installed, check your url and make sure that it now has the “https”

A successfully installed SSL certificate will help to protect your website and your visitors. And obviously, you also need to make sure that you put other safety measures in place (regular updates of Plugins and WordPress Core, etc.) for added protection.