Website SSL

Website SSL is the communication protocol between computer's or cellular phone's browsers and the hosting website server and the message are encrypted. It involves an X.509 public key certificate which enables the web server to authenticate the web browser.

SSL stands for Secure Sockets Layer is a general term. SSL is gradually migrated to TLS. TLS stands for Transport Layer Security is a more secure protocol. TLS 1.0 was released in 1999 and the most current version is TLS 1.3. Some old browser may only support TLS 1.0. If your website has a programming module which uses TLS 1.3 standard, the old browser will not work with the programming module of your website and the internet user will have to upgrade his or her browser to its latest version.

From your browser, you type in https (Hypertext Transfer Protocol Secure) rather than http (Hypertext Transfer Protocol). Port 80 is typically used for unencrypted http addressing while port 443 is usually used for encrypted https addressing. A padlock icon will also be displayed in the URL address bar. The term SSL is still used although SSL has been replaced by TLS.

If your website requires login, you will need it. E-Commerce website with Credit card transactions, bank online account website, medical records or any proprietary information websites may be appropriated to have a SSL certificate installed. The purpose is for security. Without SSL, your website still works but the message between browser and server can be easily hacked. A lot of websites do not have SSL and many of them do not have any sensitive information.

Regardless what your reasons for not having SSL are, Google chrome browser will show "Not Secure" warning for your website.

If you want SSL for your website, the hosting company can provide it with extra yearly cost. They can install the website SSL for you.

SSL Certificate Types

  • Extended Validation certificates (EV SSL): EV certificates can be issued only by a subset of certificate authorities (CAs) and require verification of the requesting entity's legal identity before certificate is issued. It is the most trusted SSL/TLS Certificate.
  • Organization Validated certificates (OV SSL): A certificate provider will issue an organization validation (OV) class certificate to a applicant if the applicant can meet two criteria: the right to administratively manage the domain name in question, and perhaps, the organization's actual existence as a legal entity.
  • Domain Validated certificates (DV SSL): The domain name of the applicant is validated by proving some control over a DNS domain. This is the basic trusted SSL/TLS Certificate.
  • Wildcard SSL certificates: A public key certificate protects with multiple sub-domains of a domain.
  • Multi-Domain SSL certificates (MDC): A multi domain SSL certificate is also known as a subject alternative name (SAN). It’s used to secure multiple domains with a single certificate.
  • Unified Communications Certificates (UCC): A public key security certificate protects multiple hostnames. It has been specially designed to work within the Microsoft Exchange and Office Communications server environments.

SSL certificates information

If you click on the padlock icon in the URL address bar, it will list the key information.

  • Issued To Website Domain Name.
  • Issued to Organization.
  • Issued To Organization Unit.
  • Issued By Common Name (Certificate Authority).
  • Issued By Organization.
  • Begins On Date.
  • Expires On Date.
  • The Public Key (Click on Details).
  • The Certificate Authority's Digital Signature (Click on Details).

The public and private keys are long strings of characters used for encrypting and decrypting data and they are in pair. Public key can encrypt data and only private key in that pair can decrypt the public-key-encrypted data.

Purchase A SSL certificate

You can obtain it from a certificate authority (CA). A CA is an outside organization, a trusted third party, that generates and gives out SSL certificates. The CA will also digitally sign the certificate with their own private key, allowing client devices to verify it. You have to ensure your WHOIS record is updated and matches what you are submitting to the Certificate Authority. CAs will charge a fee for issuing an SSL certificate.

Once the certificate is issued, it needs to be installed and activated on the website's origin server. Web hosting services can usually handle this for website operators. Each level of validation takes a different length of time to complete. The time depends on the level of security you require. If you just order a simple Domain Validation SSL certificate from your hosing company, it can be issued within minutes of being ordered.