Why do you need an SSL?
Updated: Jul 10, 2020
58% of all cyber attacks in general target small businesses. Sadly, around 60% of small businesses who are hit by a cyberattack shut down within six months. -liquidweb
What is an SSL Certificate and How Does it Work? A SSL or Secure Sockets Layer creates a secure encrypted connection and trust between your computer and the database you are accessing. Clients will know you have a SSL on your server when they can see a lock icon next to your website URL in the browser. Using an SSL establishes trust with your clients and shows that you care about their data and privacy protection.
To obtain a certificate, you need to create a Certificate Signing Request (CSR) on the server. This process makes a public key and a private key on a server. The CSR data file that you give to the SSL Certificate issuer (called a Certificate Authority or CA) contains the public key. The CA works with the CSR data file to make a data structure to match your private key without revealing the key itself. The CA does not see the private key.
When you get a SSL certificate, you can install it on your server. You can install the intermediate certificate that establishes the credibility of the website's SSL Certificate then link it to your CA’s root certificate.
Having an SSL could cost about $160 dollars a year on average. There are many types of SSL’s so it's best to do some research to determine which SSL would be best for your server and website.
Different types of SSLs, there are many types of SSLs that are used. There are around 6 common types of SSLs.
Organization Validated Certificates (OV SSL)
The Organization Validation SSL certificate’s main reason for use is to encrypt the user’s private information during transactions. This type of SSL is similar to the EV SSL certificate, used to validate a business’ creditably. This SSL certificate displays the website owner’s information in the address bar to distinguish from malicious sites. OV SSL certificates are the 2nd highest in cost. Business or public-facing sites are required to install an OV SSL certificate to insure that customer information remains protected. To get an OV SSL certificate, the owner must complete a validation process. A Certification Authority (CA) checks to see if the website owner has the right to the specific domain name. Once the SSL certificate gets set up, the business information will show in the address bar.
Extended Validation Certificates (EV SSL) this certificate is the highest rated and most expensive certificate type. This SSL certificate, when installed, displays a padlock, HTTPS, name of the business, and also the country in the address bar.
EV SSL certificates are for highly important websites for programs that need identity verification such as gathering data, logins, or payments.
Domain Validated Certificates (DV SSL) this certificate has a low assurance and lower encryption. It can be used for a wide variety of websites including blogs and basic websites with information. It is fairly easy to obtain this type of certificate.Users only have to prove they own the domain in order to obtain this SSL. You will only see a padlock and HTTPS, this is one of the least expensive SSLs to get.
Wildcard SSL Certificates
A Wildcard SSL certificate is used to protect a base domain and its subdomains. Buying a wildcard SSL certificate is less than getting a few or more single-domain SSL certificates. OV Wildcard SSL certificates or DV Wildcard SSL certificates are available to purchase. Wildcard SSL certificates contain an asterisk mark. The asterisk mark * represents a sub domain that has the same base domain.
Multi-Domain SSL Certificates
Multi-Domain certificates can protect up to 100 domain names and subdomain names using 1 certificate that helps save your time and money. You have power over the Subject Alternative Name (SAN) field to add, modify, and erase any kind of SANs needed. Domain Validated, Organization Validated, Extended Validated, and Wildcard SSL types are available.
Unified Communications Certificates (UCC)
Unified Communications Certificates (UCC) are also known as Multi-domain SSL certificates. UCCs are initially made to secure Live Communications servers and Microsoft Exchange. At the time any website owner may use these certificates to allow many domain names to get secured with 1 certificate.
It is crucial to have an SSL to secure your website, encrypt sensitive data and give your visitors and customers confidence that you protect their information. Websites that handle sensitive data, banking, medical information and ecommerce should definitely have an active SSL. If your website does have an SSL installed then the traffic will be encrypted by using HTTPS. And having SSL will also allow search engines like Google to trust your content, possibly improving your page ranking.