What is an SSL certificate and why do you need it

Svetlana Dudnyk Guides & How-tos

Using a secure connection on Internet resources has become the standard today. Having a certificate not only protects the information transmitted between the server and your visitors, thereby increasing the credibility of your resource, but also helps you occupy higher positions in search engines. Therefore, each site owner needs to decide which certificate is right for him and how to transfer the work of his Internet resource to a secure protocol.

What is an SSL certificate?

SSL – stands for Secure Sockets Layer. HTTP (HyperText Transfer Protocol) is used to transfer information between the site and the visitor. HTTPS is its secure version. Data transferred between the client and the server is encrypted using special certificate keys so that it cannot be read by a third party. This ensures reliable protection of transmitted information (personal data, passwords, credit card numbers).

Let’s take a closer look at all the existing types of SSL certificates to determine which one is best for you. First of all, SSL certificates are distinguished by the authority that issued them:

  • self-signed SSL;
  • issued by one of the certification centers.

In the first case, the SSL certificate is generated and installed for the site for free. When visiting such sites, the information will indeed be encrypted, but at the beginning of the work will be issued a warning that the certificate was not issued by the certification authority, and therefore – may endanger the security of the visitor’s computer.

Warning for the user that the connection is not private.

This, of course, will negatively affect the traffic to the site where such a certificate will be installed. That is why self-signed SSL is now practically not used or is used only for services to which a limited number of people will connect, for example, at the stage of testing the service.

In the case of a certificate issued by a certification authority, the situation will be different – you will not see a deterrent warning.

Certificates issued by different certification authorities vary in price and percentage of software (browsers, mail servers, etc.) that supports them by default.

In turn, the SSL certificate issued by the certification center can be divided according to the level of verification of its owner:

  • domain validation only (DV);
  • organization validation (OV);
  • extended validation of the organization (EV).

Basic DV SSL certificates contain only information about the domain for which the certificate was issued. They do not contain any information about the company. Due to this, no documents need to be provided, so such certificates are issued faster than others.

Organization Verification (OV SSL) involves verification of documents proving the company’s existence (company registration certificate, tax registration document, verification of the company’s presence in the state unified register). 

​​Checking when issuing an EV SSL certificate is similar to a regular check of the organization, but it also checks whether the company has a unique right to own its name. Therefore, the issuance of these certificates takes the most time. EV SSL certificates have another major difference. This is a green bar, which displays the name of the company for which the certificate is issued.

In essence, this is a visual indicator that the certification center has verified the existence of the company. This, of course, will have a positive effect on customer confidence in such an online store, bank, etc.

SSL certificates are also divided by the following properties:

  • Ordinary SSL certificates for one domain name;
  • Wildcard certificates;
  • SAN certificates;
  • A certificate with IDN support;
  • A certificate of program code.

By ordinary we mean those certificates that provide encryption of information on only one domain and do not contain any additional features. This certificate will be enough if you have only one site and the certificate does not have any extended requirements.

Wildcard SSL provides protection for information transmitted on all third-level subdomains of one domain. This certificate will simplify certificate management if you have many subdomains, such as the company’s regional sites.

SAN or multi-domain certificates provide protection for multiple domain names.

SSN with IDN support is targeted at Cyrillic or other domains composed of letters of non-Latin alphabets.

Software certificates allow you to sign your software. Viruses will not be able to add malicious code to site components without changing the digital signature. Such an attempt will be detected immediately. This will increase the rate of detection of hacking resources, which in turn will prevent the site from getting blocked by search engines and, accordingly, the loss of positions in them.

Certificate and its impact on search engine rankings

SSL is not only security, the certificate also affects other important factors, including the SEO rating of the site. Modern search engine algorithms analyze resources for the presence of an established security certificate and put sites running on HTTPS in priority against similar ones. If you knowingly opt-out of SSL, be prepared for the fact that your site will lose its position in search queries and with it a significant portion of the traffic.

The presence of SSL does not guarantee you high positions in search engines a priori, but to achieve them without a certificate is almost impossible.

What happens if you don’t use SSL certificate?

Even if you attract visitors without an SSL certificate, you are risking their security:

  • If fraudsters are able to control purchases, they will be able to redirect the customer to a third-party page in the browser. Thus, an inattentive buyer will deposit the card and send the amount to the account of the attackers.
  • Criminals can skip a transaction by finding out the address and payment information. After receiving the CVV code and expiration date, they will be able to make a payment in any other online store.
  • Dangerous sites can be hacked and used to display offensive or pornographic content. All content may be infected with malware and the site will be blacklisted by search engines.
  • Scammers are important not only payment card information. They can steal user information and use it for their own purposes: to send spam messages, advertisements, and so on.

Once we’ve determined the importance of SSL certificates, we hope you’ll find the right option. But the question arises, if this certificate is so important, how to install it? Who can help and how to do it? Contact us, we are always happy to solve your problem.