Why SSL Certificates Are Required
There are different types of SSL certificates, but the reason why they’re all required is to protect sensitive information like credit card numbers, logins, email and FTP servers, VPN’s and a host of other web applications. Its primary function is to protect transactions between a website’s visitors and the site itself.
SSL uses a 3rd party Certificate Authority that allows for the collection of highly sensitive data transparently (encrypted). Some of the trusted Certificate Authorities are VeriSign, Thawte and GeoTrust.
When visitors see the http: portion of a URL switch to https: that signifies that the site is secure – maybe. The lock icon means that there’s an encrypted tunnel between the site and its visitor which inhibits 3rd parties from interfering with traffic between the two.
While most sites don’t need an SSL certificate – Google wants all sites on the Internet to be secure and announced just recently that SSL will be a factor in their search algorithm. In addition, Google qualifies SSL certificates based on a number of factors. Those are reflected by the green lock icon, a yellow alert icon or a red alert icon. First and foremost, don’t enter credit card information on site without a lock icon, and they ARE out there.
- Green lock icon – if you click on the icon itself, it will show the domain that the SSL is issued to. Be sure to match that to the URL you’re visiting. If the site is using an EV-SSL certificate (extended validation), the organization’s name will also be present right next to the icon. Banking websites are great examples.
- Yellow alert icon – indicates that while the site has an SSL certificate, there appears to be insecure content on the site itself.
- Red alert icon – means that there’s an issue with the certificate itself or there’s an elevated risk of insecure content on the website. Absolutely do NOT enter your credit card information there.
These equate to trust factors, which ultimately factors into how well you promote your brand, products and services.
When you do not need an SSL certificate if you’re running an e-commerce site.
If you’re collecting credit card numbers on your site or any part of the infrastructure that supports your site, you need an SSL certificate (to be PCI compliant), but if transactions are handled on a 3rd party site (like PayPal), you do not need one. Please note that there will be a lock icon on PayPal’s site.
PCI compliance is required by all of the major credit cards before they’ll allow you to accept their credit cards on your site. In addition, they’ll require you to run security scans performed by 3rd parties to validate the correct installation and settings of that certificate.
There are different types of SSL certificates
- Domain validated certificates
- Shared certificates
- Private SSL certificates
- Company validated certificates
- EV certificates
- Wildcard certificates
- Multi-domain certificates
SSL certificates need to be linked to a dedicated IP address.
If you’re switching from a shared IP to a dedicated IP, domain name servers (DNS) will have to propagate that switch worldwide which normally takes a few hours. I’ve seen it take over a day though.
cPanel only allows one SSL certificate per account
This essentially means that if you want more than one SSL, perhaps for a different domain (or subdomain), you’ll need to have a second cPanel account created.
The one year catch
It seems a lot of hosting clients don’t realize that SSL certificates have to be renewed annually and end up in a panic at the end of the first year trying to renew their certificate. Mark your calendar with your site’s SSL certificate expiration date and give yourself at least one week to set up a new certificate before the original expires. Actually, SSL certificates are not renewed, rather purchased again and issued new expiration dates.
Do you have to purchase the SSL certificate from your current hosting provider?
You do not have to purchase an SSL certificate from your current hosting provider, but they will most likely charge a fee from $10 to $100 to install it for you. Some hosting providers will install them free if you purchase the certificate from them.
Brought to you by ProlimeHost
We’ve been in the web hosting industry for ten years, helping hundreds of clients succeed in what they do best and that’s running their business. We specialize in dedicated servers, with data centers in Los Angeles, Phoenix, Denver and Singapore.
The E3 1275 v5 processor is now available at great pricing, giving you the ability to add up to 64GB of DDR4 ECC RAM. Call +1 877 477 9454 or email us at Sales@ProlimeHost.com. We’re here to help.