An introduction to SSL
Security and privacy are two issues of prime importance when it comes to building online applications and tools that work on the web. Online stores, shopping carts, social networks such as Twitter and Foursquare, and bank websites all require high levels of security. Secure Socket Layers technology, commonly referred to as SSL, is a data transfer protocol used by millions of users worldwide for just the type of security that the types of websites mentioned above require.
With SSL, data transmitted between users and servers is first encrypted and then decrypted so that no one outside of the two-party connection can listen in on, or take over, the connection.
What SSL does is it acts as an encoded passport that verifies the authenticity and credentials of the sender of the data and the web server at the other end of the transaction. Only after both identities are verified does SSL permit a secure connection through HTTPS.
The credentials that are verified during this process include:
- The name of the owner
- Serial number ID of the certificate
- The expiry date of the certificate
- A public key used to encrypt information
- A private key used to decrypt information
Although you don't need to memorize the steps of setting up an SSL certificate, it is always a good idea to know how the system works.
The first step is purchasing an SSL certificate from any one of a number of online vendors on the web. Because they have an expiration date, you have to renew your certificates, usually every year, to maintain your website's security.
You also need to generate a CSR, or a Certificate Signing Request, on your own server. This is needed before you can obtain any SSL certificate. It is highly recommended that you contact your host for this step of the process, as generating a CSR can be quite difficult.
Types of SSL
- Dedicated SSL: the most secure and most costly SSL option, HTTPS connections are only verified for your root domain that is targeted via a designated IP address on which the SSL is setup.
- Shared SSL: many web hosts offer shared hosting and they often have multiple domain names pointing to the same IP address, so in such scenarios, it is easier for the host to manage one SSL for the entire server on which multiple websites are hosted, and the certificate is valid for all of the sites on that server.
- Wildcard SSL: similar to dedicated or shared SSL certificates but they target multiple subdomains for your website. This is a good approach to use if you segment different functions of your website according to area or function, for example, sales.company.com, or jobs.company.com.
Who should choose which option?
It is highly recommended for beginners to go for the shared SSL option. First of all, affordability of dedicated certificates is an issue, and even if it isn't, it is usually just too much money to spend on something that has effective alternatives available.
The importance of SSL certificates
In addition to acting as an additional layer of security for your website, many online stores and e-commerce sites use SSL certificates primarily to earn the trust of customers and visitors. By having a valid SSL certificate, your website or your business can immediately convey to visitors that you are both legitimate as well as trustworthy.
Further, search results are also affected by SSL certificates, with SSL-secure pages being ranked higher than non-secure pages in search rankings.
Other things to keep in mind
Before going for a certificate, check your site with an online test to see how secure it is. For example, tests from Qualys SSL Labs allow you to put in your domain name, and you'll be given a detailed report on your site's security settings.
For e-commerce and commercial sites, it is also advisable to check that your site is up to speed before installing your SSL certificate, because HTTPS is slower than HTTP, so make sure your site can handle it, and scripts from external parties and other web applications also need to be checked beforehand to see whether or not they are compatible with SSL.
Finally, remember that web hosts are out there to help you design, develop, host, secure, grow, and maintain your online presence. While proactive steps such as SSL security measures and other layers of security should be undertaken by you as a primary domain owner, tap into the expertise of your host and ask for help whenever you need it.
With professional tech support personnel on call and within reach by phone, chat, or email, you're sure to be able to get help and find assistance for SSL-related issues that you may have, so reach out to an expert whenever you face obstacles.