What is SSL Certificate? Advantages and Disadvantages of SSL


Overview

What is SSL? SSL is an acronym for Secure Sockets Layer, an encryption technology that was created by Netscape. SSL creates an encrypted connection between your web server and your visitors' web browser allowing for private information to be transmitted without the problems of eavesdropping, data tampering, or message forgery.
To enable SSL on a website, you will need to get an SSL Certificate that identifies you and install it on the server. The use of an SSL certificate on a website is usually indicated by a padlock icon in web browsers but it can also be indicated by a green address bar. Once you have done the SSL install, you can access a site securely by changing the URL from http:// to https://. When an SSL certificate is installed on a website, you can be sure that the information you enter (contact or credit card information), is secured and only seen by the organization that owns the website.
Millions of online businesses use SSL certificates to secure their websites and allow their customers to place trust in them. In order to use the SSL protocol, a web server requires the use of an SSL certificate. SSL certificates are provided by Certificate Authorities (CAs).

Why do I need SSL?

If you are transmitting sensitive information on a web site, such as credit card numbers or personal information, you need to secure it with SSL encryption. It is possible for every piece of data to be seen by others unless it is secured by an SSL certificate.
Your customers won't trust your web site without an SSL certificate. According to Gartner Research, nearly 70 percent of online shoppers have terminated an online order because they did not "trust" the transaction. In those cases, 64 percent indicated that the presence of a trust mark would have likely prevented the termination. An SSL certificate and a site seal could stop people from abandoning your website and that means more money for you. Read our why SSL is necessary page to learn more.

What is a certificate authority (CA)?

A certificate authority is an entity which issues digital certificates to organizations or people after validating them. Certification authorities have to keep detailed records of what has been issued and the information used to issue it, and are audited regularly to make sure that they are following defined procedures. Every certification authority provides a Certification Practice Statement (CPS) that defines the procedures that will be used to verify applications. There are many commercial CAs that charge for their services (VeriSign). Institutions and governments may have their own CAs, and there are also free Certificate Authorities.
Every certificate authority has different products, prices, SSL certificate features, and levels of customer satisfaction. Read our SSL Certificate reviews to find the best provider to purchase from.

How do SSL Certificates compare between certificate authorities?

Verisign certificates are better because they cost so much more, right? Not necessarily. You can get a certificate for $100 that does that exact same thing as a certificate sold for $800 from another certificate authority. It is the exact same SSL encryption.
Why the difference? Trust is the biggest difference. Since VeriSign has been around for longer than other certificate authorities, more people trust them so they can charge more. You are essentially paying for the brand.

What is browser compatibility?

The certificate that you purchase to secure your web site must be digitally signed by another certificate that is already in the trusted store of your user's web browsers. By doing this, the web browser will automatically trust your certificate because it is issued by someone that it already trusts. If it isn't signed by a trusted root certificate, or if links in the certificate chain are missing, then the web browser will give a warning message that the web site may not be trusted.
So browser compatibility means that the certificate you buy is signed by a root certificate that is already trusted by most web browsers that your customers may be using. Unless otherwise noted, the certificates from all major certificate providers listed on SSL Shopper are compatible with 99% of all browsers. For more details about a specific certificate provider, see SSL Certificate Compatibility.

How many domain names can I secure?

Most SSL server certificates will only secure a single domain name or sub-domain. For example, a certificate could secure www.yourdomain.com or mail.yourdomain.com but not both. The certificate will still work on a different domain name but the web browser will give an error anytime it sees that the address in the address bar doesn't match the domain name (called a common name) in the certificate. If you need to secure multiple sub-domains on a single domain name, you can buy a wildcard certificate. For a wildcard certificate, a common name of *.yourdomain.com would secure www.yourdomain.com, mail.yourdomain.com, secure.yourdomain.com, etc... There are also special certificates such as Unified Communications (UC) certificates for Microsoft Exchange Server 2007 that can secure several different domain names in one certificate.

What is a trust seal?

A trust seal is a logo that you can display on your web site that verifies that you have been validated by a particular certificate provider and are using their SSL certificate to secure your site. It can be displayed on secure and non-secure pages and is most appropriate on pages where customers are about to enter their personal information such as a shopping cart page but they can be displayed on every page to help build trust. Every certificate authority's trust seal is different and some look more professional so you should consider what the seal looks like in order to maximize customer trust. To learn more about trust seals read


Why SSL? The Purpose of using SSL Certificates

Why SSL? As a web developer, I have come across many customers who ask “Why do I need SSL? What will it do for me?” This is an important question for anyone involved in the web to understand. SSL is the backbone of our secure Internet and it protects your sensitive information as it travels across the world. It keeps the Internet from being ruled by anarchists and criminals and provides many direct benefits to you and your customers.

Benefits of SSL

Why use SSL? To Encrypt Sensitive Information

The primary reason why SSL is used is to keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it. This is important because the information you send on the Internet is passed from computer to computer to get to the destination server. Any computer in between you and the server can see your credit card numbers, usernames and passwords, and other sensitive information if it is not encrypted with an SSL certificate. When an SSL certificate is used, the information becomes unreadable to everyone except for the server you are sending the information to. This protects it from hackers and identity thieves.

Authentication

In addition to encryption, a proper SSL certificate also provides authentication. This means you can be sure that you are sending information to the right server and not to a criminal’s server. Why is this important? The nature of the Internet means that your customers will often be sending information through several computers. Any of these computers could pretend to be your website and trick your users into sending them personal information.  It is only possible to avoid this by using a proper Public Key Infrastructure (PKI), and getting an SSL Certificate from a trusted SSL provider.
Why are SSL providers important? Trusted SSL providers will only issue an SSL certificate to a verified company that has gone through several identity checks. Certain types of SSL certificates, like EV SSL Certificates, require more validation than others. How do you know if an SSL provider is trusted? You can use our SSL Wizard to compare SSL providers(link) that are included in most web browsers. Web browser manufactures verify that SSL providers are following specific practices and have been audited by a third-party using a standard such as WebTrust.

Why Use SSL? To Gain Your Customers’ Trust

Web browsers give visual cues, such as a lock icon or a green bar, to make sure visitors know when their connection is secured. This means that they will trust your website more when they see these cues and will be more likely to buy from you. SSL providers will also give you a trust seal that instills more trust in your customers.

PCI Compliance

It is also important to know that you take credit card information on your website unless you pass certain audits such as PCI compliance which require a proper SSL certificate.

Why SSL protects from phishing

A phishing email is an email sent by a criminal who tries to impersonate your website. The email usually includes a link to their own website or uses a man-in-the-middle attack to use your own domain name. Because it is very difficult for these criminals to receive a proper SSL certificate, they won’t be able to perfectly impersonate your site. This means that your users will be far less likely to fall for a phishing attack because they will be looking for the trust indicators in their browser, such as a green address bar, and they won’t see it.

Disadvantages of SSL

With so many advantages, why would anyone not use SSL? Are there any disadvantages to using SSL certificates? Cost is an obvious disadvantage. SSL providers need to set up a trusted infrastructure and validate your identity so there is a cost involved. Because some providers are so well known, their prices can be overwhelmingly high. Performance is another disadvantage to SSL. Because the information that you send has to be encrypted by the server, it takes more server resources than if the information weren’t encrypted. The performance difference is only noticeable for web sites with very large numbers of visitors and can be minimized with special hardware.
Overall, the disadvantages of using SSL are few and the advantages far outweigh them. It is critical that you properly use SSL on all websites that require sending sensitive information. Proper use of SSL certificates will help protect your customers, help protect you, and help you to gain your customers trust and sell more. If you’re still not sure why SSL should be used on your website, read more of our SSL FAQ.

3 comments:

Unknown said...

I am looking for information about digital certificates. Are these certificates similar to digital certificates. With this article I got a clear idea about ssl certificates. Thanks.digital certificates

Information said...

Thank Q Jimmy............

Christina Bedford said...

If you don't have an SSL certificate, your website may still function as always, but it will be vulnerable to hackers and Google will warn visitors that your website is not secure. Google also gives priority to websites that have an SSL certificate.
for more information click here
HOW MUCH DOES AN SSL CERTIFICATE COST

Post a Comment