SSL Certificate FAQs
Get Answers and Learn Important Facts
What is encryption?
Encryption is the basis of secure web communications. The process turns “plain text” into “cipher text” to scramble data so it’s not readable by anyone except the intended party. Historically, most websites have been served over HTTP or Hypertext Transfer Protocol which has one glaring flaw—it’s not secure. Any information transmitted via an HTTP connection is easy to steal. Given that today we share all sorts of sensitive information online—including addresses, login IDs, passwords, credit card numbers and more—the browser community has pushed for the entire web, not just e-commerce sites, to be encrypted. Encryption is enabled via an HTTPS connection.
What is SSL?
SSL, or Secure Socket Layer, is a universally accepted security protocol used by web browsers and web servers to protect data in motion—it’s the Web’s protocol for encryption. SSL has two components—the protocol and the certificate. The protocol is the code and procedures which allow computers to handle the encryption. The certificate identifies the specific web server and works in combination with a unique code used for encryption. Together, they enable a secure HTTPS connection.
Are SSL and TLS the same thing?
Both SSL and TLS, or Transport Layer Security, are protocols that provide data encryption and authentication to ensure secure web communications. Although the terms are often used interchangeably, SSL is the predecessor to TLS, and there are slight differences in the protocol. Certificates are not dependent on protocols. The protocols are determined by the server configuration, not the certificates.
What is the difference between HTTP and HTTPS?
HTTP has been the accepted standard since 1997 and was the traditional way to serve up a website, even though it didn’t provide a secure connection. When you install an SSL certificate, your website will be served up using HTTPS (HTTP + SSL) instead of HTTP, indicating an encrypted connection.
What is an SSL Certificate?
An SSL Certificate is a server-based software product that serves two primary functions. The first is to secure data in motion by enabling an encrypted connection between clients (website visitors) and web servers (that host a website) via the SSL/TLS protocol. All SSL Certificates offer this base-level encryption but differ on the second function—identify validation. The second important function of an SSL Certificate is to authenticate, or validate, the identity of the company or organization holding the certificate. Trust is everything when you’re communicating or doing business online. Today’s skeptical visitors need assurance you’re legitimate. SSL certificates offer various levels of validation and visual trust indicators. That’s why choosing the right SSL Certificate with sufficient identity validation is critical to your online success.
Why do I need a SSL Certificate?
SSL Certificates aren’t just for e-commerce anymore. Starting in 2016, industry titans such as Chrome and other key browsers have made significant changes that turned encryption into a website security standard. Encryption and trust are both critical to your online success. SSL Certificates provide encryption to secure data in transit and, more importantly, validate who’s on the other end of online communications, giving users confidence to share their information—and their money. In addition to protecting data and validating identifty, SSL Certificates have many other benefits that boost your bottom line.
How do SSL Certificates work?
SSL Certificates enable an encrypted connection through an interaction known as the SSL Handshake. This process uses both a public key (on the sending end) and a private key (on the receiving end) and all happens within milliseconds. Each SSL Certificate has a “Subject” which identifies who owns the certificate. This is always a domain name, and, if applicable, the company operating the website. To ensure SSL certificates are used properly, the subject listed in the certificate is always validated, but some validation processes are more stringent than others. There are three levels of validation—Domain Validation (DV), Organization Validation (OV) and Extended Validation (EV).
What’s authentication or validation?
Trust is essential online and authentication of your identity, also known as validation, provides your site’s visitors with the confidence they need to do business with you. The validation process is handled by globally recognized and trusted entities known as Certificate Authorities (CAs). All SSL Certificates provide basic encryption and domain level validation, meaning the domain is owned by the party requesting the certificate. The more premium an SSL Certificate, the more extensive the validation process.
What’s a Certificate Authority (CA)?
Certificate Authorities (CAs) are globally trusted entities, such as DigiCert and Comodo, that are authorized to issue SSL Certificates. Browsers, such as Chrome and Firefox, are applications that read the certificates to determine whether visitors can trust your website. Browsers trust the CAs, so when a CA validates your domain, organization and/or extended company details and says you’re legitimate, the browsers take them at their word. The CAs and browsers come together in the CA/B Forum to establish the ‘rules of the web’ that govern the issuance and management of SSL Certificates.
Is basic encryption enough?
The importance of securing data is obvious when you consider the sensitivity of information sent across the Internet. That’s why all browsers have now require all webpages—not just e-commerce—to be served over an encrypted, or HTTPS, connection. Webpages still being served via HTTP now display a “Not Secure” warning to visitors so across-the-board encryption is critical. But SSL Certificates provide more than just encryption—they validate identity and communicate trust, the foundation of the online economy, using visual trust indicators. Premium SSL Certificates offer more in-depth validation and display globally recognized trust symbols that have been proven to increase conversion among other benefits.
What are trust indicators?
When your connection to a website is secured with SSL, various visual cues are displayed. We call these “Trust Indicators.” The most common ones are “HTTPS” and the Green Padlock—both are enabled by all SSL Certificates regardless of validation level and make it easy for visitors to know at a glance your site is served over an encrypted connection. Extended Validation (EV) SSL Certificates have the most extensive validation process and are the only ones that activate the Green Address Bar. This is such a globally recognized symbol that one Tec-ED survey found 77% of participants reported they’d be hesitant to shop on a website without an EV SSL Certificate.
What is a Site Seal?
Site Seals are highly identifiable visual images—static or dynamic—that appear on webpages to assure visitors their connection is encrypted and they’re safe on your site. Think of the Better Business Bureau trust mark, only related to website security. They help you differentiate your site from competitors and give visitors an extra level of assurance that boosts trust and conversions. Domain Validation (DV) SSL Certificates have a static Site Seal. Organizational Validation (OV) and Extended Validation (EV) SSL Certificates have a dynamic clickable Site Seal.
What details can visitors see about my SSL Certificate?
All SSL Certificates allow the visitor to click and see the validated owner of the domain. Organizational Validation (OV) SSL Certificates also display the verified company name. Extended Validation (EV SSL Certificates are the only ones that also display the verified company location and activate the globally recognized Green Address Bar.
How are SSL Certificates the same?
For the encryption, or security function, all SSL Certificates pretty much offer the same features.
- 256-bit encryption, which is the industry standard
- Activate HTTPS in the browser bar
- Activate the padlock in the browser bar
- 9% browser ubiquity, which means they’re compatible with all browsers
- Mobile compatible
- Can be issued with the now-standard SHA-2 hashing algorithm
- Can be signed with a 2048-bit root, which is the industry standard
How are SSL Certificates different?
All SSL Certificates offer basic encryption. But trust is everything when you’re communicating or doing business online. And that’s where the differences between SSL certificates are significant. Thw more premium an SSL Certificate, the more comprehensive the validation requirements, the more extensive the visible certificate details and the more visual trust symbols displayed—the more trust it conveys. Your visitors need to be confident about engaging with you and your SSL Certificate is what they use to decide if you’re trustworthy. It’s important to choose your SSL Certificate wisely. Learn more about the differences between Domain Validation (DV), Organizational Validation (OV) and Extended Validation (EV) SSL Certificates.
How do I know which SSL Certificate is right for me?
The number of domains and sub-domains you need to protect, validation level (that, in turn, communicates the level of visitor trust) and warranty are just a few of the factors you should consider when choosing an SSL Certificate. It’s important to know what your options are, what each includes and make sure it aligns with your goals. Depending on how important your brand, reputation and results are, you might want to consider Extended Validation (EV) since it provides the most benefits.
What is a Wildcard Certificate?
Most domains have sub-domains. A Wildcard Certificate is a convenient, cost-effective ways to get industry-leading encryption for one domain and unlimited sub-domains with one certificate. For example, a Wildcard can cover www.domain.com, email.domain.com, login.domain.com, xyz.domain.com, etc. You’ll save money, boost search engine rankings and future-proof your site. Wildcards ensure you give visitors a secure experience across your entire website while making it easy to manage certificates and renewals. There are no extra steps or difficulties when installing a Wildcard SSL Certificate. Wildcards are available for both DV and OV SSL Certificates, but not EV because of the extensive validation process. Find out more about how to protect multiple domains and sub-domains.
Why do I need an SSL Certificate warranty?
SSL Certificates are designed to protect your customers’ data in motion. Warranties are designed to protect your reputation and your bottom line. While we only sell SSL Certificates issued by globally trusted Certificate Authorities (CA), stuff happens. That’s why SSL Certificates typically come with a warranty so, in the event of a data breach or hack that results from a flaw in the certificate—you’re covered. Warranties range in value, with higher value certificates providing more coverage.
What is the difference between a domain and sub-domain?
One of the most common dilemmas when it comes to purchasing SSL Certificates is what to do when you’re trying to secure multiple domains or. Fortunately, there’s a ready-made solution for both. Here’s a brief explanation of what we mean when we refer to multiple domains and sub-domains.
Multiple Domains means you have multiple root domains, such as:
Sub-Domains are part of a larger domain, for example:
What is a Multi-domain or Subject Alternative Name (SAN) Certificate?
Multi-domain SSL Certificates, or SAN Certificates, are the simplest way to secure multiple domains with just a single certificate. You simply fill out a SAN, or Subject Alternative Name, for every additional domain you wish to cover. This saves you money compared to buying a single-domain certificate for every domain. It also allows the certificate to be generated for all your domains at once and makes managing your certificates a whole lot easier. Another nice feature is you can add additional domains throughout the lifecycle of this certificate by simply re-issuing it. Get more details about how to protect multiple domains.
What is a Code Signing Certificate?
Code Signing Certificates are used by software developers to digitally sign apps, drivers and software programs. They reassure end users that the code they receive hasn’t been altered or compromised by a third party. These certificates include your signature, company name and a timestamp.
Have questions you don’t see here? Contact us—we’ve got lots of answers.