Have you ever noticed that how some websites you visit contain ‘http’ with an extra ‘s’ while others don’t in their URL? If not, visit some websites to check out this difference. You will notice a pattern here. Most of the websites which have ‘https’ will be websites of repute; the ones you could trust with your personal information (like, for example, your bank’s website or an e-commerce website). Whereas those that don’t would be websites where you’d normally feel vulnerable sharing personal information (like, for example, a dating or socializing website).
You guessed it right. The ‘https’ in the URL is supposed to induce or gain the trust of visitors to a website. It lets them know that they can freely share sensitive information without any fear of their data being hacked.
So, essentially, ‘http’ with an extra ‘s’ means ‘extra protection’ from hacking. In technical jargon, they call this extra protection as ‘SSL ‘, which stands for ‘Secure Sockets Layer’.
In this blog post, let’s focus on i) what is SSL? ii) how it works iii) how to find or identify if a website is SSL protected or not iv) its benefits, and finally, v) how to get an SSL certificate.
WHAT IS SSL?
A Secure Sockets Layer (SSL), provides you (here ‘you’ stands for the browser you are using) with a ‘secure connection’ to the website you are trying to access or connect with; in other words, provides you a ‘secure path’ which cannot be easily intercepted by hackers.
Technically speaking, SSL is a technology which establishes an encrypted link between a web server and a browser. This link ensures all data passed between the web server and browser remain private.
HOW IT WORKS?
Provides a Secure Path which cannot be Intercepted by Hackers.
Let’s take up a real life example to understand SSL better. Any city will have two types of localities: crime-free and crime-ridden ones. A website certified with SSL is similar to a ‘crime-free’ locality which is usually well-guarded by the police. The only difference is that in the place of police, you have SSL standing guard here against the intrusion of digital thieves.
So, someone walking into – or accessing – an SSL certified website, can do so without any fear of being mugged by digital thugs along the way.
The Moment Your Browser Realizes a Website is SSL Protected…
Your browser will form a connection, or in other words, bind together with the web server. This binding connection is secure so that no one besides you and the website you’re interacting with can see or access what you type into your browser. This connection happens instantly and doesn’t require you to do anything. You simply have to visit a website with SSL, and voila: Your connection will automatically be secured.
HOW TO IDENTIFY IF A WEBSITE IS SSL PROTECTED OR NOT?
Apart from the “https” in the url, you should look for:
1. A Padlock Icon in the URL bar: This too appears in the url bar which when clicked will display more information about the website and the company which issued the SSL certificate.
2. Find Out the SSL Certificate’s Validity: The website you are visiting might contain “https” and the “padlock icon”; indications that the website is SSL certified. But what if the validity of that SSL certificate has expired? This would render that certificate useless, wouldn’t it? So it’s important to find out the validity of the SSL certificate.
How? Click Padlock Icon (in the url) >> Choose Certificate Information. You’ll be directed to the Certificate Authority page, where you can check out the “time frame of the certificate”. This will indicate whether the obtained SSL certificate is still valid or not.
1. SEO Friendly: Internet security has gained importance. Therefore search engines like google, firefox, and bing are endorsing (or recommending) websites which are “SSL secured” to their customers, labeling other websites as ‘non-secure’. Therefore having an SSL certificate will benefit your search engine ranking as well.
2. E-commerce Sites are More Secure: PCI (Payment Card Industry) standards have made it mandatory for e-commerce sites to become SSL Certified, making them and the online transactions carried out by their customers on their website more secure and hack-proof. So essentially SSL certificates have made these e-commerce sites more secure.
3. Helps Web Resources Gain Credibility: Anything on the web (not only e-commerce sites or other online businesses) looking for user patronage, will do good to get an SSL certificate. Because SSL certificate increases the web resource’s credibility. In other words, builds the online reputation of that website, which in turn will increase user patronage.
HOW TO GET AN SSL CERTIFICATE?
Certificate Authorities (CAs) like Comodo, DigiCert, Symantec etc., are responsible for issuing SSL certificates. So if your website needs an SSL certificate, you should apply to one of these certificate issuing authorities, which after performing the required background checks, will grant you with the certificate.
As to what type of SSL certificate you need – 3 types are available: DV, OV, and EV – this entirely depends on your requirements. If you need SSL for your simple startup website, go for domain validation (DV) SSL; if you are a reputed company, go for either organization validation (OV) or extended validation (EV) SSL.