An Introduction to Website Security & SSL Certificates
Website security is a major factor for internet users. If you own a website, you need a secure connection and software that protects user’s data – this means procuring an SSL certificate.
However, before you decide on the SSL certificate to use, you will want to do some research. There are actually three main types of SSL certificates, and it is important to understand the distinctions between each one.
In this article, we will provide a quick introduction to SSL certificates. Then explore the three varieties, and talk about when each is most useful. Let’s jump right in!
You may have noticed most website URLs used to begin with http://, but many now start with https:// instead. This seemingly small distinction is very significant. To understand why let’s look at ‘the difference’. The most important difference between the two protocols is the SSL certificate. In fact, HTTPS is basically an HTTP protocol with additional security. However, this additional security can be extremely important, especially for websites that take sensitive data from its users, such as credit card information and passwords.
What is an SSL Certificate?
SSL stands for Secure Sockets Layer, a global standard security technology that enables encrypted communication between a web browser and a web server. It is utilized by millions of online businesses and individuals to decrease the risk of sensitive information (e.g., credit card numbers, usernames, passwords, emails, etc.) from being stolen or tampered with by hackers and identity thieves. In essence, SSL allows for a private “conversation” just between the two intended parties.
To create this secure connection, an SSL certificate (also referred to as a “digital certificate”) is installed on a web server and serves two functions:
It authenticates the identity of the website (this guarantees visitors that they’re not on a bogus site) It encrypts the data that’s being transmitted
Single Domain SSL Certificate
This secures one fully-qualified domain name or subdomain name. So, for example, socialiga.com is a sports and lifestyle brand with whom we have worked on graphics and website projects. Let’s assume they want to focus on the fashion side of the lifestyle industry. This form of SSL certificate will protect on socialiga.com perfectly. It will also cover links like socialiga.com/fashion. It will, however, not cover fashion.socialiga.com which is a subdomain under socialiga.com
Wildcard SSL Certificate
This covers one domain name and an unlimited number of its subdomains. In this scenario, saltlagos.com is a culinary brand with whom we have worked on graphics and website projects. They sell cakes, pastry, loaves, and treats. This form of SSL certificate will protect on saltlagos.com perfectly alongside links like saltlagos.com/cakes or saltlagos.com/pastry. Let’s assume Salt Lagos would like to expand their brand to cover training and desire a separate website for that. This SSL certificate will equally cover subdomains like training.saltlagos.com or school.saltlagos.com and any more.
Multi-Domain SSL Certificate
This secures multiple domain names. A Multi-Domain SSL certificate can secure your main domain along with several SANs (Subject Alternative Names) domain names in one certificate.
For example, dominionhouse.org is a website we designed and developed a while back. This type of SSL certificate can secure all these domains:
Who Needs An SSL Certificate?
Individuals or organizations that use their website to require, receive, process, collect, store, or display confidential or sensitive information are recommended to, and much better off, using SSL Certificates. Some examples of this information are:
logins and passwords
financial information (e.g., credit card numbers, bank accounts)
personal data (e.g., names, addresses, social security numbers, birth dates)
legal documents and contracts
How will Visitors Know A Site Has An SSL Certificate?
The address bar of a browser is the spot to check if a website has any level of security. The 4 key visual clues are:
Padlock to the left of a URL
https URL prefix instead of Http
A trust seal
A green address bar (when an EV SSL certificate is issued)
To conclude, no matter what type of website you are running, it is important your connections are secure. This will go a long way to promote trust between you and consumers. To do this effectively, you will need to choose the right SSL certificate.