What is a SSL certificate?
SSL (Secure Sockets Layer) is a cryptographic protocol designed to keep communication safe over the Internet. An SSL certificate is a digitally signed file issued for a particular domain name/domain names. Besides the domain name, the certificate also contains the issuer signature, serial number, expiration date, etc. To enable a secure connection and protect important information, an SSL certificate file should be installed on the server. Once the SSL installation is completed, you can securely access your service via HTTPS or any other SSL protocols like FTPS, IMAPS, POP3S, SMTPS, NNTPS, LDAPS, etc.
So, let’s take a look at main advantages of using a SSL certificate.
An SSL certificate helps to protect sensitive information such as logins, passwords, account details and cardholders information for e-commerce websites during Internet communication. Basically, Internet is a chain of computers, and every computer which takes part in data transfer from source to destination can read and recognize unencrypted information. The main idea is that all information is encrypted before being submitted, and only the web server and website visitor have personal keys to decrypt and recognize it. Encryption prevents eavesdropping and tampering information by hackers and identity thieves.
It is important to know that a website you would like to visit and where you want to make a payment is authentic and trustworthy. To ease identification, the website server sends an SSL certificate to your web browser for verification. The web browser analyzes the information received from the SSL certificate and decides whether the certificate is trusted or not. Why some SSL certificates are trusted, and others are not? The main difference is that trusted SSL certificates are issued by Certificate Authorities after the applicant (website owner) passes their verification procedures. Every modern web browser with up-to-date configuration trusts the SSL certificates issued by Certificate Authorities. The verification depth and trust level mostly depend on the validation type of a particular SSL certificate.
- Domain validation. The most affordable and the least verified SSL certificate type. Usually, the Certificate Authority verifies only domain control rights for a particular domain name. More instructions on how to complete domain control validation (DCV) can be found here.
- Organization validation. SSL certificates of this type contain the company name and address by default. The person who applies for an OV certificate should prove that the organization is real. The organization details must be accessible in online public databases; the organization’s phone number is verified as well. The Certificate Authority may also require additional paperwork to prove the company’s identity. Detailed validation information for OV certificates can be found here.
- Extended validation. Only EV certificates provide a green bar with the company name and the highest user trust level. Besides OV requirements, an EV certificate can be applied for by a legal employee (VP, Officer, CEO, CIO) who has the authority to sign a subscriber agreement and a certificate request. The organization must have been registered and have been in operation for more than 3 years; otherwise, the CA may require additional paperwork. More information about extended validation can be found here.
Google search ranking boost
Starting from 06/08/2014, Google announced that having an SSL certificate installed on your website will increase your ranking position, which is another great reason to use SSL.
An SSL certificate also provides your web-resource with trusted indicators which can help visitors to make sure that your website is reliably protected.All SSL certificates from the Namecheap company provide a padlock in the address bar and the https:// connection no matter of which validation type they are.Certificate Authorities supply every SSL product with additional security signs - site seals that may be installed on your website as well. These are optional security signs which can be static and dynamic. Dynamic site seals as well as SSL certificates may show various information about your domain name, organization (if you have one), Certificate Authority and security parameters. Let’s take a look at different trusted indicators based on validation types:
- Domain validation SSL certificates:
Trusted indicators for a correctly installed and configured SSL certificate should be https:// in the address bar and padlock without any warning messages (mandatory). The examples of these signs for a domain validation SSL certificate in various web browsers can be found below:
A domain validation SSL certificate does not include any personal or company information as it is not verified by a Certificate Authority during validation process:
Some site seals examples for domain validation SSL certificates can be found below:
- Organization validation SSL certificates:
After successful installation, an OV SSL certificate looks pretty much the same at first sight - https:// in the address bar and a padlock. However, the organization name and organization location become a part of the SSL certificate after the vetting procedure:
To emphasize the company name and location, the Certificate Authority provides OV SSL certificates with dynamic site seals. Users have an opportunity to view and check the company for which an SSL certificate was issued by clicking on the special site seal icon on the website. More information about the installation of Comodo’s Trust Logo and Corner of Trust can be found here.
- Extended validation SSL certificates:
Only an EV SSL certificate can provide a website with the permanent green bar with a business name and country code in the browser’s address bar. It will definitely persuade users that such a website is well protected and safe for shopping and online payments. Site seals are also applicable for EV certificates. The examples can be found in the previous paragraph as they will look pretty much the same as Site Seals for OV SSL certificates.
This is how extended validation SSL certificates usually look like: