Online security with a SSL certificate is no longer an optional choice for webmasters but rather an absolute necessity for reasons which we will explain below. One of the most common ways to enhance the security of access & browsing a website is to switch from http to https by adding an SSL certificate.
Is the SSL a security certificate?
SSL is the acronym for Secure Socket Layer or also known as Electronic Security Certificate. The SSL protocol creates a secure connection between the web page and the web browser (Google Chrome, Safari, Opera, Microsoft Edge, Mozilla Firefox etc.). SSL certificates ensure secure data exchange between these two parties, preventing malicious users from spying on sensitive personal and non-data.
How do SSL certificates work?
SSL certificates serve the following 2 processes:
Secure data transfer between a web server (server) and a browser (browser).
Certification and identification, helping the user to confirm the identity of the website with which he trades.
Once the process for activating the SSL security certificate (e.g. ordering a product online or completing a contact form) begins, a series of checks / actions are performed to ensure a secure interface between the website and the user.
The web browser checks the SSL Certificate to determine if it is valid and to verify the identity of the website.
The web server then communicates with the web browser and enables data encryption in specific bits (usually 128bit or 256bit). The web server and the browser exchange unique encryption codes, so that they can use them in the decryption that takes place after the data exchange is completed. The data exchange process starts, the SSL Secure Data Transfer icon appears next to the webpage address bar, and data transfer is now secure.
How do I understand that a website uses SSL?
The easiest way to find out if a website uses an SSL security certificate is to use a small padlock icon marked “Secure” and the https prefix (instead of http) displayed in front of the website address (Domain Validation SSL).
In cases of Organization Validation SSL, along with the padlock there is also the name of the company to which the website belongs. In fact, if the company uses Extended Validation SSL, the entire address bar of the website will be colored green.
How many types of SSL security certificates are there?
There are 3 types of SSL certificates:
Domain Validation SSL Certificates (DV SSL): Used to encrypt the information and identify the details of the registrar and the domain name of the website (domain). This way the user can be sure that the website address is correct and points to the correct server. This type of certificate is very easy to issue / install, has low cost and covers the vast majority of websites.
Organization Validation SSL Certificates (OV SSL): Used to encrypt the information and identify the website and the company behind it. Before the Certification Authorities issue the SSL certificate, they follow a process of identification of the company, its address as well as the ownership of the Domain Name.
Extended Validation SSL Certificates (EV SSL): These are the most complete and secure SSL certificates a website can provide to its users today. The licensing and issuance of these certificates requires thorough procedures, through which the Certification Authorities control almost all aspects of a company and the website.
When do I need an SSL certificate?
Until recently, if the website did not provide the possibility of online transactions (e.g. eshop), the security certificate could be considered as luxury. Today it is simply necessary. There are many reasons with the main ones being:
Increasing awareness of users on security issues and personal data management. Quite simply, if you do not have SSL and you have an online store, there are many who will not buy from your eshop. Encryption via HTTPS is now officially through Google, ranking factor, ie ranking factor of our website in the SERPs (Search Engine Result Pages). Simply put: you have SSL, you see a small boost in Google.
From January 2017 with the arrival of version 56 of Google Chrome, pages that require you to enter security codes or credit cards will be marked “Not Secure” if they do not have a valid SSL security certificate. In subsequent versions the indication will be even more intense in red accompanied by the relevant danger triangle.
Going from http to https through the installation of an SSL security certificate is no longer a nice to have feature but is an absolute necessity both for reasons of real security of users’ personal data and for reasons of ranking in Google organic results.