What is an SSL Certificate?
What are SSL and SSL Certificates?
SSL stands for Secure Socket Layer, which is a secured cryptographic protocol for authenticating and encrypting data and communication over a network. Transport Layer Security or TLS is its updated and more secure version. SSL and TLS are often used interchangeably; however, they refer to the type of secure connection that HTTPS uses for communication between a browser and a server.
To initiate the protocol of secure connection between servers (websites, VPN, or intranets) and clients (email clients, website browsers, or website applications), a digital certificate is needed. This digital certificate is what we call the SSL Certificate. Simply put, an SSL Certificate encrypts and protects sensitive information while being transferred across the internet. There are several types of SSL Certificates you can choose from depending on your website's needs. Please visit the article What type of SSL/Secure Certificate do I need? to learn more about these types of SSL Certificates.
We can now install SSL on the shared IP address; however, the server must be on at least CentOS 6 and cPanel version 11.58. If the server is on an older version, it will require a Dedicated IP address.
For additional information about SSL Certificates, you can also visit this blog.
How to purchase SSL?
HostGator offers different types of SSL that you can choose from depending on the needs of your website. To order an SSL Certificate, please visit the following article for the instructions.
Why do you need an SSL Certificate?
Here are the reasons why you should get an SSL Certificate:
- The most common reason is that you want to accept credit card payments on your website.
How important is SSL for accepting payments?
If you are accepting credit card payments online via a merchant account, the credit card associations and networks require that you use SSL whenever you transmit credit card information, such as the card number, cardholder's name, expiration date, CVV code, etc. (This is when customers enter their credit card on your shopping cart order form or payment page). This is an important part of making your website PCI compliant (a set of rules that must be followed in order to accept credit card payments).
In addition to being PCI compliant (which is required by Visa, MasterCard, Discover Network, American Express, Diners Club International, JCB, and your payment processing company), your customers also look to see if your order form or shopping cart is secure before entering their credit card information. You can easily lose sales if your customers see that your site is not secure.
If customers are not entering credit card information directly on your website but rather entering it directly on a payment processing company's website, such as PayPal, Google Checkout, or Amazon Payments, then you do not need an SSL Certificate since you are not transmitting or storing credit card information.
- You may have confidential information that you want to keep secure while it is being accessed via the web, like personally identifiable information - such as full name, address, telephone number, proprietary information, legal contracts, and medical records. With the SSL enabled, it will encrypt the data sent across the internet. This encryption prevents the man-in-the-middle attacks used by hackers to steal your customers' information while in transit
- You protect your passwords and login details from being intercepted when typed into a secure login page.
- Adding SSL to your website lets your visitors know that you are serious about your customer and site's security.
How does SSL work?
Identifying SSL Certificate in a website
If you install an SSL certificate, your data is encrypted before being sent, and your website displays HTTPS before the domain name. When people visit your site, they'll see a padlock icon next to your domain. This padlock shows that your site, and in turn, the data that they share on your website, is secure from prying eyes. It serves as a visual indication that your website is trustworthy.
Getting an SSL Certificate
Most browsers nowadays use SSL (TLS) Certificates to authenticate HTTPS websites that you visit. The SSL Certificate issued by a trusted certified authority includes the following details:
- Website URL(s)
- A public key
- The certificate authority that issued the certificate
- The certificate's expiration date
- The organization's name that owns the website (a premium type of SSL)
Verifying an SSL Certificate
The details of the SSL Certificate issuer can be seen through the website browsers. The availability of this information allows you to verify the SSL Certificate of a website you like to visit. Here is a helpful guide on how to check SSL information:
SSL for Newbies Series
- Overview: SSL for Newbies
- Part 1: What is SSL/Secure Certificate?
- Part 2: What type of SSL/Secure Certificate do I need?
- Part 3: Important Things You Should Know Before Installing an SSL Certificate
- Part 4: How do I purchase an SSL Certificate?
- Part 5: How Do I Use My SSL Certificate?