Buying an SSL certificate can seem like a complicated and painful experience. How do you know which certificate to choose, what does a wildcard certificate have that a standard domain validated SSL certificate doesn’t, and will your certificate protect website visitors from viruses? In this blog post we’re going to tackle these and other questions. By the end, we’ll have SSL certificates explained in simple terms to help you make an informed decision about which product to buy or what step to take next.
SSL certificates explained
What is an SSL certificate?
An SSL certificate is a small data file that’s used to digitally encrypt data transferred from one place to another online.
SSL stands for Secure Socket Layer, which is also the protocol that’s responsible for securing data transferred.
SSL certificates are used to encrypt information online because without them, hackers and anyone with malicious intent would be able see sensitive information like personal identification numbers, credit card information and other private data not meant to be shared publicly.
Now that we have SSL certificates explained, let’s take a look at some of the most common misconceptions people have about them.
1. SSL protects your website from viruses
While SSL certificates can secure data transferred between two points (your computer and the server/website you are visiting), they do not protect your website from viruses or malware. Malware can infect a website in many ways, and one of the most common website-related malware attacks is due to a Man-in-the-middle attack (MITM).
MITM attacks, however, take place when websites do not have SSL certificates, making it easy for hackers to “sit in the middle” of traffic sent between the website and a website visitor’s computer.
2. SSL slows your website load time
SSL has long been rumored to slow website load times, as well as networks, but that’s just not true. SSL consumes an almost infinitesimal amount of bandwidth on both your website, the websites visitor’s computer and any network you may be using, and this amount of consumption is set to get even smaller as hardware and bandwidth advance.
3. You only need to use SSL on pages with web forms
SSL connections have long been used to secure pages that capture sensitive information, and the idea of only securing these pages was thought to be a good one. However, it is not, and to illustrate why, I’ll use the analogy of a house robbery.
When leaving your home for an evening out, you make sure that all doors are locked and windows shut securely. This way, you leave the house assured that you’ve done all you can to protect your possessions.
If, however, you locked all doors and decided to leave the kitchen window open, a burglar could easily gain access to your home.
Having an SSL certificate on only one page and leaving the rest of your website unprotected is very much the same as leaving your kitchen window open. Hackers can impersonate the website (through a MITM hack) and access information on a website visitor’s computer.
4. You can secure an IP address with any SSL certificate
While almost all SSL certificates must be issued to a fully qualified domain name (such as www.mydomain.com), most SSL certificates with Subject Alternate Name (SAN) functionality can allow an IP address to be secured.
5. SSL certificates don’t secure subdirectories
SSL certificates can be used to secure subdomains as well as subdirectories. In fact, using subdirectories can be beneficial for websites that host different website properties under one domain, as Google rewards subdirectories with better search rankings.
6. All SSL certificates are the same
While all SSL certificates provide encryption, not all offer the same functionality. For example, the SAN certificate allows you to secure multiple fully qualified domain name, while a single domain certificate only secures one domain.
7. Wildcard SSL certificates can secure multiple fully qualified domains
Wildcard and UC certificate functionality are often confused as they both offer the ability to secure more than one online property.
In the case of a wildcard certificate, you can secure an unlimited number of subdomains on one specific domain, as illustrated below:
SAN certificates, on the other hand, allow you to secure multiple fully qualified domains, as seen below:
There you have it! You now know more about SSL certificates and, most importantly, can use this information to make an informed decision about your next SSL certificate order.
Get The Right SSL Certificate For Your Website
TrustTheSite.com is a platinum reseller of VeriSign, Thawte, GeoTrust, Comodo, RapidSSL and Digicert SSL certificates. We offer the best pricing backed by personalised client support.
Call us on +27 23 004 0196 for a free no obligation discussion about your business needs and we’ll help you find the right certificate for your brand.