Getting Started With SSL Certificates

As part of initiatives to help make the Internet a safer place, search engines like Google strongly encourage websites to install Secure Sockets Layer (SSL) certificates. These certifications encrypt all visitor data, ensuring users the website they landed on keeps their information safe.

Table of Contents: Getting Started With SSL Certificates

  • What is an SSL
  • Why You Need an SSL Certificate
  • Installing an SSL Certificate on Your Site
  • Understanding SSL Certificate Types
  • Securing Multiple Sites and Subdomains
  • Where to Get Your SSL Certificate
  • If You Need Help

 

What is an SSL

SSL is a secure protocol used for communication between a web browser and server. In the context of websites, they help safeguard the data that passes between visitor and website. When an SSL connection is established, all information between the two points undergoes encryption.

Although SSL may seem very abstract to most users, understanding them is not such a hard task.

When a web browser first tries to communicate with a web server, it needs to ensure it got in touch with the right one. This first step forms the basis for the connection.

The SSL certificate acts as a guarantee of authenticity, assuring the web browser that it is, in fact, the correct destination point by displaying the server’s credentials. This credential display is digitally signed and cannot be forged.

To establish this level of trust, SSL certificates are typically signed by a handful of companies that web browsers know and trust. In short, they are the means that allow web browsers to trust the destination they are heading to is assuredly the correct one.

 

Why You Need an SSL Certificate

Getting Started With SSL Certificates

Caption: web browsers today indicate website SSL status clearly

Without the level of trust SSL certificates help establish, the Internet can be a much more dangerous place. Fake or malicious websites may try to impersonate valid ones in an attempt to steal information from visitors of the real site.

As an example, imagine if a hacker sets up a fake website impersonating your bank or other financial institution. If you arrive there by mistake, you will be prompted to enter login and billing information that can later be misused.

This is the reason why major browsers today prominently display the security status of websites users are visiting. It serves as a quick first line of defense to safeguard their users. 

At the same time, search engines give very low priority to sites without SSL certification, affecting the ability of these websites to rank well in search queries. Because of this, all webmasters should pay attention to their SSL certification status, not just sites that handle sensitive user data.

 

Installing an SSL Certificate on Your Site

Owning an SSL certificate is not enough – you also need to ensure it is properly installed on your website to take effect. In most cases, this can easily be done via your web hosting control panel. The main difference is the type of SSL certificate you want to install.

Getting Started With SSL Certificates

ScalaHosting makes SSL certificate installation easy with our state-of-the-art SPanel web hosting control panel. The Graphic User Interface (GUI) is simple and easy to navigate. To install your SSL certificate, click on the ‘SSL Certificates’ option from the main menu.

This will open up a sub-menu, allowing you to make changes to the SSL certificate associated with your website.

Getting Started With SSL Certificates

Clicking on the ‘Actions’ dropdown menu will give you two choices – Install custom SSL or Install free SSL. Depending on which type of SSL certificate you have, click on the appropriate choice.

Custom SSL

This option is for purchased SSL certificates. If you have bought a commercial SSL certificate or are migrating one from another host, choose this option. You will need to have the information for the certificates to fill in on the next page after clicking Install.

When you buy an SSL certificate, you will get a file from the issuer, typically in the format: your_domain.crt. This file can be opened using a text editor to view the information inside. 

You will need to fill in that data in the associated fields in the Custom SSL installation screen. Once you’ve done that, simply click Install to complete the process.

Free SSL

If you do not want to purchase a private SSL certificate, ScalaHosting offers free Let’s Encrypt Certificates. These can be used effectively with all types of websites, but we do not recommend using them for commercial purposes, such as online stores.

To utilize the free option, you simply need to click Install, which will automatically start the process once you confirm this is what you want to do. Let’s Encrypt SSL certificates also come with an expiry date, but this is automatically renewed for you before it actually expires.

Once you’ve installed your SSL certificate, you should be able to access your website via HTTPS instead of HTTP. The former is another indication that your website is secure.

 

Understanding SSL Certificate Types

Although most users generally know SSL certificates as either ‘free’ or ‘commercial’, there are actually clear distinctions between different types of SSL certificates. That mostly has to do with the extent the issuer goes to verify the identity of their site visitor.

The main types of SSL certificates are:

Domain Validated (DV)

These are typically the cheapest and least secure option for an SSL. The issuer will only check to see if the one applying for the certificate actually owns the domain name and has the right to operate it. There are no other checks aside from this one.

DV SSL certificates are the most widely used for personal sites such as blogs, portfolios, and other similar non-commercial sites. Let’s Encrypt, which is a company issuing free SSL certificates, offers DV SSL as well.

Organization Validated (OV)

For those who want extra assurance for their website visitors, a better option would be an OV SSL certificate. Issuers who sell OV certificates will need assurance not just of the domain name ownership but also some company information.

Extended Validation (EV)

Among SSL certificates, EV are the most expensive and difficult to obtain. While the process is not exactly complicated, extensive documentation needs to be submitted to issuers in order to form a strong guarantee of authenticity.

Information that needs to be verified includes:

  • Actual existence of the business, legally, operationally, and physically
  • Record matching from official sources
  • Exclusive rights for domain ownership from the business
  • Proper authorization for the EV issuance

Because of this stringent process, it can be relatively expensive and time-consuming to get an EV SSL. However, it’s money well-spent as this is the most secure SSL option in case of eventual hacker breaches.

 

Securing Multiple Sites and Subdomains

If you own a number of websites you may need to look for another specific type of SSL certificate. Usually, other certificates cover the exact domain name and nothing else. 

But what about your subdomains or other websites?

To handle this, you need to look for either a multi-domain SSL or Wildcard SSL.

Multi-domain SSL

This type of SSL certificate is specifically for websites or even web applications that connect with multiple domain names. They are always commercial in nature and generally more expensive than single-domain SSLs.

WildCard SSL

If you intend to split your site into sections using subdomains, a WildCard SSL would be your best bet. Examples of subdomains include blog.yourdomain.com, shop.yourdomain.com, and news.yourdomain.com.

 

Where to Get Your SSL Certificate

SSL certificates are available with various providers. ScalaHosting offers the use of free Let’s Encrypt SSL certificates that are suitable for general use. If you need something more secure, we also offer commercial SSL certificates on behalf of two highly trusted issuers – GeoTrust and Symantec.

Under each of these brands, you can choose from a range of options that cover all your needs. This includes EV, OV, and even WildCard certificates.

Pricing starts from as little as $30/year and goes up depending on which option you choose.

 

If You Need Help

For those who are unsure about what type of SSL you need or simply need assistance for the installation process, ScalHosting customer support will be happy to talk this through with you. You can get in touch with the support team either via Live Chat or the Ticketing System on the support page.

Rado

Author

Working in the web hosting industry for over 13 years, Rado has inevitably got some insight into the industry. A digital marketer by education, Rado is always putting himself in the client's shoes, trying to see what's best for THEM first. A man of the fine detail, you can often find him spending 10+ minutes wondering over a missing comma or slightly skewed design.

Write a Comment

Required*