What is an SSL Certificate, and Do I Need One on My Site?

If you run your own website – whether for business or personal use – you may have heard the term SSL certificate. But what is it, and is it worth investing the money into it for the sake of your website?

what is ssl and https

What is an SSL Certificate?

The acronym “SSL” stands for Secure Sockets Layer. As defined by Globalsign.com, SSL certificates are “small data files that digitally bind a cryptographic key to an organization’s details.” SSL, then, is encryption technology that, when installed on your site, creates a secure connection between your server and your visitors’ web browsers.

Have you ever seen the padlock icon next to your address bar when you visit certain websites? Or maybe you’ve noticed some websites use http:// while others use https://. Both the padlock and the “s” tagged onto http:// indicate that a website has an SSL certificate installed and that you’re working under a secure connection.

Who Needs an SSL Certificate?

SSL Certificates are all about creating a secure connection by encrypting data, but not all websites are sending and receiving sensitive information, so not all web owners need an SSL Certificate. When it will only add to your website costs, how do you know if you should invest in a secure connection?

The answer is actually pretty simple. If you’re an ecommerce website and sending credit card information, then you want to make sure your customers trust your connection. You’ll undoubtedly want an SSL Certificate. If you’re dealing with any other personal information like social security numbers, then you’ll also need an SSL Certificate.

Why? For one, it protects you. Since the connection is secure, you’re less likely to get hacked, so you can rest with peace of mind knowing your customers’ info is safe and that you’re unlikely to lose your reputation to a data breech. Alternatively, if you don’t encrypt your data with an SSL Certificate, any computer between yours and your server can see the info you’re sending. An SSL Certificate also provides authentication, so you know you’re sending info to your server instead of a criminal’s server.

In addition, it can cost you sales if you don’t have one. Gartner Research shows that almost 70 percent of online shoppers will terminate an online order when they don’t trust the transaction. Having proof of that SSL Certificate (with https://, for example) will put that trust back into your transaction.

So, Do I Need an SSL Certificate?

What if you’re not dealing with sensitive data? Do you still need an SSL Certificate? The choice is really up to you, but along with the benefits mentioned above, it can also boost your Google rankings, which is why a lot of people are happy to invest the money.

As Google announced in 2014, security is a top priority. That’s why they’re using encryption as a ranking factor. As of now, an SSL Certificate doesn’t carry a lot of weight on your rankings, but Google has said that they’re likely to strengthen its effect on rankings in the future. Jumping on that bandwagon now can give you an edge over competitors when it starts to matter more.

The truth is that you may not need an SSL Certificate unless you’re accepting online payments, but with so many benefits, why wouldn’t you have one?

Types of SSL Certificates

Up until this point, SSL Certificates may sound pretty simple, but there are lots of things to consider when getting one, including the different types. There are three you can choose from:

  1. Extended Validation SSL Certificates: If you’re looking for the highest level of authenticity, an EV SSL Certificate is a good choice. This is because there’s more effort involved in getting one. The Certificate Authority will check your right to use your specified domain as well as conduct a thorough investigation of your organization. This will also come with extra browser security enhancements, such as the green address bar indicating a secure connection.
  2. Organization Validation SSL Certificates: When applying for an OV SSL Certificate, the Certificate Authority checks your right to use your domain and conducts a simple investigation on your organization. The company information will be displayed on the Secure Site Seal, enhancing trust with your customers.
  3. Domain Validation SSL Certificates: This type of SSL Certificate doesn’t involve any company investigation. It also doesn’t display anything but encryption information on the Secure Site Seal when visitors access your website.

Truth be told, not all SSL Certificates are created equal, and that’s why you’ll find such a variety of price ranges. In addition to the types of SSL Certificates mentioned above, you’ll also notice differences based on who is selling you the SSL Certificate. VeriSign (now Symantec), for instance, is one of the most trusted brands, so you’re likely to pay more when using their services.

How to Get One

In general, there are two ways to obtain an SSL Certificate. You can purchase one straight through your web host as an add-on; just be conscious of what type of SSL Certificate you’re getting if you’re looking for something more than a Domain Validation SSL Certificate. Depending on your host, this can cost you as little as $5 per month, and in some cases, just a few bucks per year.

You can also purchase through a third-party Certificate Authority and then install the SSL Certificate through your hosting account. SSLShopper.com features customer reviews from some of the most popular Certificate Authorities and is a great place to start. These services can cost you several hundred dollars per year, but you usually have more options in authenticating your site and company to put even more trust in your brand.

Once you’ve installed your SSL Certificate, be sure to check your web pages and make sure the padlock and “https://” is showing up. You may have to force https:// onto image, CSS, and JavaScript files. Here’s a quick resource to get you started on that for WordPress.

Going without an SSL Certificate on your site won’t impede its function, but using one can protect you and your customers, increase trust in your site, and boost your Google rankings. So do you think investing in an SSL Certificate is worth it? Let us know in the comment section.

Alicia Rades

Alicia Rades (@aliciarades) is a professional blogger for hire who specializes in blogging, freelancing, and lifestyle topics. Learn more about her at aliciarades.com, where you can download her free blogging guide, 20 Questions to Ask Yourself Before Hitting Publish.
with 3 comments 0 744

3 comments on “What is an SSL Certificate, and Do I Need One on My Site?”

  1. Fred

    Thanks for the article, but I’m getting more confused the more I read. In some places they state that SSL is deprecated in favour of TLS because SSL has become so vulnerable to hacking and breaking. But even TLS is appearing more fragile as time goes by.

    If the “secure” certificates are being so easily broken (heartbleed, poodle, etc), is it worth paying so much to get a SSL certificate for a website if all it does is give a false sense of security to the end user? Or am I confusing two separate technologies with the same acronym?

  2. Paul

    Thank you for sharing this material. Very useful when you’re just starting out with SSL Certificates. It’s great that you have paid attention not only to the fact that SSL cert is a nice encryption instrument but also that it´s a great “marketing” way to increase trust level and show your website´s visitors that you care about their data. And this helps a lot with sales.

    When searching for SSL cert (i choose RapidSSL) for my website I have noticed that projects, specialized on SSL reselling provide better prices than CA, and even hosting providers. For example, RapidSSL in:

    • rapidssl.com – from $40.66/yr.
    • crucial.com.au – from $99/yr.
    • trustico.com.au – from $32.38/yr.
    • timetossl.com – from $13.13/yr.


Leave a Reply

Your email address will not be published. Required fields are marked *