Start A Conversation
Start A Conversation

Return to Design Thoughts

SSL Certificates – What are they and do you need one?

Categories: Web Design & Digital Website Security & Support
Explore By Tag:
Read Time:
More By The Author: The Mach4 Team

What is a Website SSL Certificate?

First, we’ll give a basic overview of what SSL certificates are. SSL stands for Secure Socket Layer, and it is a protocol that does two main things.

1) It encrypts all data sent between your visitors and the server helping to prevent 3rd party assailants from seeing the data as it moves over the internet.

2) It “certifies” your website telling your visitor’s browsers that this site is indeed the correct site and not some phishing site trying to take their information.

HTTPS and SSL

Now, you may be asking what the difference is between HTTPS and SSL, and the answer is… none! When you see HTTPS, it is telling you that the site is secured with an SSL certificate.

Why do you need one? In 2021, the total number of cyber attacks per company increased from 206 to 270 year over year.

Why do I need a SSL certificate on my Website?

For most websites, you won’t need an SSL certificate. However, if you work with any type of sensitive information on a website (such as an ecommerce website with credit card details, or a website with medical records, or if you just want to secure your site’s login), it is highly recommended that you have a SSL certificate to help keep that information secure. In fact in some situations (mostly when dealing with credit card details or medical records), you are required to have some form of SSL certificate.

Depending on the purpose of your website, you may need to contact your credit card merchant or review HIPAA guidelines to find out if one is needed.

How do they work?

At its basic, it encrypts all data sent between the server and the user using a private and public key. The server holds the private key and sends out the public key to be used by the client when encrypting traffic sent from their computer. At the same time, the browser generates a public and private key and sends the public key back to the server so the server has a method of encrypting traffic.

What are the different types?

There are many different types of SSL certificates. All of them have the ability to encrypt information sent between the server and the user. The main difference is how it validates the domain, company and website information. Below we outline the different types of SSLs and what they validate.

Single Domain

This is the most common form of SSL certificates and provides basic domain verification.

Wildcard Domain

This type of certificate allows you to secure multiple subdomains using the same certificate. This is very helpful when you or your company uses subdomains (billing.example.com, support.example.com, shop.example.com, etc) to split up the different parts of your website.

EV (Extended validation)

This type of certificate is most commonly used by banks or other high profile companies that want to prove that the website you are looking at is in fact the website for the company. This type of certificate also changes how most browsers behave. For example, in Internet Explorer, it turns the address bar green showing that the website you are viewing is secured with an EV certificate.

How do I get one?

For more information about how to order a SSL certificate, please contact us.

[Mach4 Design] This article was originally published by either Manna Design, Market3, or Total Site Care before they were all rebranded as part of Mach4 Design. The capabilities, team members, and expertise referenced in the article are now part of Mach4’s offerings.