What is an SSL Certificate?

An SSL certificate is, at its core, a universal solution to the problem of malicious activity on the web. SSL certificates are not perfect by any means, but they are a stellar baseline and a must-have in this day and age. In practical terms, an SSL certificate moves a website over from HTTP to HTTPS, improving its security across the board. This may also be signified by a padlock icon visible next to the address bar, though this isn't always the case.


Learning Objectives

After reading this article you will be able to:

  • Understand what SSL certificates are used for
  • Know if a website is using an SSL Certificate
  • Describe what a Certificate contains and verifies
  • List reasons why you might need an SSL Certificate

Flexibility and customizability are key for SSL implementations

You can use an SSL certificate to deploy a wide variety of security features on your domain. A single-domain SSL certificate would, for example, be perfect for small-time bloggers and small business owners that need a simple security implementation for their entire setup.

Multi-domain SSL certificates, on the other hand, may provide wider coverage for web servers that offer features across several disparate domains.

SSL/TLS is leveraged for security in any given SSL certificate, be it a simple domain validation certificate or a high-end EV SSL certificate (extended validation, used for enterprise domains and the like). The end goal is always to prove domain ownership through the use of a trusted third party: in effect, the certification authority.

SSL certificates are software products designed to protect sensitive information of any sort, and they accomplish this task through the use of various encryption algorithms. Confidential information is therefore kept safe on the Internet due to the efforts of modern certification authorities.

Generally, just one SSL certificate will be more than enough for most small-time users. Bigger, more established operations can, however, add SSL certificates whenever they need them. One prominent example would be to secure online transactions for a new feature you had just recently added to your domain.

What are SSL certificates used for?

Modern SSL certificates are used to confirm the following aspects of a connection while it is being established:

  • Authenticity
  • Integrity
  • Encryption

These aspects of an SSL/TLS solution are put to work to secure any kind of data in transit. SSL/TLS solutions are also customizable to an extent, where their scope, validity, and - of course - affordability can all be scaled up and down, depending on what the client needs.

Products tailored to their respective users

As we've said again and again here at SSLTrust, not everyone needs multi-domain SSL certificates, let alone enterprise-grade extended validation products.

It's precisely this scalability and flexibility that has allowed SSLs to proliferate over the past few decades. Users can pick and choose between an extremely wide variety of SSL/TLS products to suit their needs.

Complex, all-encompassing products that come with extended validation security will, for example, be the first choice for multinational companies whose presence online is absolutely crucial for their business. On the other hand, users that have domains with many different sub-domain setups will opt for wildcard SSL certificates that provide an appropriately comprehensive sub-domain coverage.

More generally, an SSL certificate can protect sensitive information, secure online payments, encrypt small data files that may get transferred over a given domain as well as the data that a web server sends to its visitors, and more.

How to tell if a website I'm on has an SSL certificate?

The easiest way to tell if the domain or website you're on has an SSL certificate in place is to check if it has HTTPS enabled. Any given implementation of an SSL certificate will enable HTTPS on the domain it's on, though it's also worth keeping in mind that not all web browsers may display this part of the address.

Aside from that, modern web browsers will alert you if a website you're visiting is insecure. You may also wish to check the site's address bar: if there's a crossed-out padlock icon visible next to it, you're on an unsecured domain.

Two browser bars, one secure and the other not

How does an SSL certificate protect a web server?

An SSL certificate does its job by binding two identities together: one that has a public key, and one that has a private key.

By assembling cryptographic key pairs (through the use of X.509 certificates, for those who wish to know more), SSL certificates can establish domain validation and keep customer information private, all the while retaining the necessary identity assurance to keep the connection secure.

An SSL/TLS certificate consists of the following features, roughly speaking:

  • Domain name that the SSL in question was issued for
  • Domain ownership data (who the SSL was issued to)
  • Certificate authority that issued the SSL/TLS solution
  • Digital signature of the CA in question
  • Date of issuance
  • Date of expiration
  • Public key (as opposed to private key, which is not shown at any point)
  • Potential associated subdomains (as in the case of wildcard SSL certificates)
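The fields listed above can be read back programmatically. The following Go program is an added example, not part of the original article: it builds a constructed, self-signed wildcard certificate (the names `example.com` and `Example Pty Ltd` and the helpers `makeSampleCert` and `covers` are made up for illustration; a real certificate is signed by a CA, not by itself), then checks name coverage, validity dates and the issuer's signature.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// makeSampleCert builds a constructed self-signed cert; the private key signs it but is not stored in it.
func makeSampleCert(notBefore, notAfter time.Time) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), NotBefore: notBefore, NotAfter: notAfter,
		Subject:  pkix.Name{CommonName: "example.com", Organization: []string{"Example Pty Ltd"}},
		DNSNames: []string{"example.com", "*.example.com"}, // wildcard covers one label only
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// covers checks name match, validity window, and that the issuer's public key signed the cert.
func covers(cert, issuer *x509.Certificate, host string, now time.Time) error {
	if err := cert.VerifyHostname(host); err != nil {
		return err
	}
	if now.Before(cert.NotBefore) || now.After(cert.NotAfter) {
		return fmt.Errorf("outside validity window %s to %s", cert.NotBefore, cert.NotAfter)
	}
	return issuer.CheckSignature(cert.SignatureAlgorithm, cert.RawTBSCertificate, cert.Signature)
}

func main() {
	now := time.Now()
	cert, err := makeSampleCert(now.Add(-time.Hour), now.AddDate(0, 3, 0))
	if err != nil {
		panic(err)
	}
	fmt.Printf("names=%v org=%v issuer=%q expires=%s\n", cert.DNSNames, cert.Subject.Organization, cert.Issuer.CommonName, cert.NotAfter.Format("2006-01-02"))
	fmt.Println("shop.example.com:", covers(cert, cert, "shop.example.com", now), "| a.b.example.com:", covers(cert, cert, "a.b.example.com", now))
}
```

The wildcard entry matches `shop.example.com` but not `a.b.example.com`, because a wildcard stands in for a single label.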

The combination of a public key with a private key to ensure security online is not a novel idea. It is, in fact, the central pillar of this process, which is colloquially known as the SSL handshake.

The role of trusted third parties

Of course, all of the above presumes that there's a trusted and established authority that would provide SSL certificates to users that need them. These trusted third parties are the CAs we've referenced a few times in this article.

Companies such as DigiCert, Comodo, GeoTrust, and Thawte are well-established certificate providers that are often subject to rigorous auditing sessions to verify and maintain their trustworthiness.

CAs leverage PKI, which is a system of policies and processes that enable data encryption, to deliver SSL certificate solutions to website owners from across the world.

Should you have an SSL certificate?

This question is, in fact, very easily answered: if you are a webmaster or hold domain ownership of any kind, then odds are that you should invest in an SSL certificate of some kind.

Ideally, all of the publicly available domains on the Internet should have some way to establish a secure connection whenever a browser or server attempts to communicate with them.

A good starting point for every type of domain

As we said before, an SSL certificate is not an absolute guarantee of safety. There are always ways around a given security solution. Hosting a domain with no SSL/TLS implementation of any kind, however, is similar to leaving your home unguarded for months at a time, with the door wide open.

Having an SSL in place is simply the easiest way to guarantee some amount of security to your website visitors and/or customers.

Plus, since most users simply have no need for high-end enterprise solutions (such as unified communications certificates, for example), getting an SSL certificate doesn't have to be expensive, either.

How to get an SSL certificate?

Getting an SSL certificate is really easy, especially if you work with a certificate provider, such as SSLTrust.

All you need to do is to fill out a Certificate Signing Request (CSR) and figure out what kind of SSL certificate you need in the first place, then decide whether you have a certificate authority preference. There's generally no reason why even the most casual of users would need any type of SSL glossary or some such to get ahead in this regard.

The process is simple, straightforward, and streamlined, and websites often offer technical support for every step of the process, should you need them.

Naturally, technical support may well be necessary for beginner webmasters that need to cover multiple domain names all at once, or who need an EV SSL implementation, but are unsure where to start with it.

Getting an SSL certificate quickly and easily

The more complex a certificate, the longer the issuance will take. Something like an EV SSL, to use the example from the previous section, will need an in-depth overview of your domain ownership, of all the multiple domains it references, of your legal standing, and a variety of other things.

DV certificates, on the other hand, can be issued with a mere domain ownership confirmation, and implemented in a matter of hours, if not minutes. At any given point, you are just a few clicks away from having your own SSL/TLS certificate.

Of course, the caveat is that DV certificates only really provide domain validation in the first place. An EV certificate, on the other hand, will come with high-end features and functionality that may be necessary for global enterprises and the like.

The complexity of the process, then, is directly affected by the nature of security you are looking for.

Reasons to get an SSL Certificate

Finally, there's the matter of why. Why does anyone need an SSL certificate? What are the odds, really, that someone malicious would start harassing your particular domain, of all the domains available on the Internet? Here are some things you may want to keep in mind.

#1 - SSL enables HTTPS, improving your and your visitors' security

The obvious reason - enabling HTTPS is a must-do at this point. You want to make your website as secure as possible, and entering the HTTPS infrastructure is the easiest way to do so on the cheap.

#2 - SSL helps verify and establish your presence on the web

An SSL implementation matters a great deal when it comes to authority. Authority, in turn, ensures conversions in the long run.

#3 - SSL boosts your website's search engine ranking

A less-known fact is that Google takes SSL into account when it comes to calculating your site's search engine value. SEO is key on the modern Internet, as you surely know already.

#4 - SSL can improve your website's loading speeds

Since HTTPS uses more than one request per connection, enabling it will make your website load faster.

#5 - SSL is an affordable and easy way to improve the quality of your website

Modern SSLs are cheap, especially for small business owners and the like. They're also easy to get installed, making an SSL a stellar value proposition in the long run.

#6 - SSL will make your website look more secure, on top of actually being secure

Almost every modern SSL comes with a set of site seal graphics, as well as being shown off in the address bar. These immediately and easily tell your visitors that you have an SSL on-board, which in turn leads to better authority ratings.

#7 - SSL keeps your users' best interests in mind

Circling back to the matter of security, you want your visitors to feel safe, and to keep coming back to your website as often as possible. Though it's really just the start of making this happen, an SSL will easily form the baseline of your efforts in this regard, both in the areas of security and authority.