Learn • Anywhere
Rumie logo

Flaticon Icon

Dahlia recently started a business exporting spices and is excited because she created an e-commerce website to sell her products over the internet. But she soon ran into a problem when potential customers who visited the website complained about a message alert informing them that her website was not secure.

web browser page with no SSL certificate

😟 She's worried that she will lose customers as a result of this issue.

Woman looking at a computer screen saying 'Everything is gonna be just fine, probably.'

🔎 Dahlia's problem is that her website is missing a valid web security certificate or SSL certificate.

Flaticon Icon

Did you know?

According to a survey conducted by Hubspot, 82% of people claimed that they wouldn't browse a website if it was missing an SSL certificate. (source: seositecheckup.com, "A beginners guide to SSL and website security", 2021)

What is an SSL certificate?

SSL is an acronym for Secure Sockets Layer. An SSL certificate (also called web security certificate/ TLS certificate/ HTTPS certificate) authenticates the identity of a website.

It provides "a digital stamp of approval from an industry-trusted third party known as a certificate authority."

💡 A website with an SSL certificate will show a change in the web address in the URL bar from http:// to https://

  • http:// or "Hypertext Transfer Protocol"

Flaticon Icon

  • https:// or"Hypertext Transfer Protocol Secure"

Flaticon Icon

💡 A website with an SSL certificate will show a padlock icon in the URL bar that indicates that the website is secure. By clicking on the padlock icon, you can get more details about the website and the company that provided the SSL certificate.

closeup image  of URL bar of a web browser with highlighted padlock icon and https

  • SSL certificates need to be renewed at least once every two years. You can purchase an SSL license from a Certificate Authority (CA). These are trusted organizations that store, sign, and issue digital certificates.

Flaticon Icon

Did you know?

SSL is an Internet security protocol that uses encryption for communication between a user and a web server. If someone tries to intercept user data from the web server, SSL displays "a scrambled mess of characters" instead of actual user data, protecting the user's data in the process (cloudflare.com, "What is SSL").

Why does a website need an SSL certificate?

✅ When your website has a valid SSL certificate, it will help:

  • keep data secure, establish credibility and build trust by facilitating encryption of information between a client and a server. A website with an SSL certificate shows a padlock lock icon establishing credibility.

  • prevent domain spoofing and ensure users connect to the correct, official server for your website instead of a hacker-run fake version of the website.

  • reassure customers that as a business, you've taken the necessary measures to keep their information safe. This makes it more likely for them to return in the future to do business with you.

  • improve your site’s SEO rankings. According to Google, websites with an SSL certificate (https://) get an added advantage in the search engine results pages (SERPs).

  • improve user experience. With an SSL certificate, your website page will load faster.

Woman smiling and looking at her laptop screen.Photo by AllGo - An App For Plus Size People on Unsplash

Did you know?

With an SSL certificate, a website can be protected from Domain Spoofing, a type of phishing attack. Domain spoofing happens when an attacker fakes a website or email and tries to con people by stealing their personal information and financial details. (source: cloudflare.com, "What is Domain Spoofing?").

What information is in an SSL certificate?

An SSL certificate contains the following information:

  • certificate holder's name (domain name)

  • certificate's expiry date and serial number

  • digital signature of the issuing authority

  • a copy of the certificate holder's public key

Flaticon Icon

Types of SSL certificates

There are several different types of SSL certificates including:

  • Domain Validated (DV) — These certificates "only require validation that a company or the individual can demonstrate control over a web domain." DV certificates are low-cost but are the least secure.

✅ Used for blogs, personal websites, and websites that don't do financial transactions or collect personal information.

Flaticon Icon

  • Organization Validation (OV) — This certificate validates business identity and authenticity. It provides an additional level of online trust with extra security steps.

✅ Used by websites of organizations doing financial transactions that require the personal information of users.

Flaticon Icon

  • Extended Validation (EV) — This certificate validates websites that need added identity trust and stronger assurance to the public.

✅ Used by major brands, financial institutions, and other organizations that require collecting data, processing logins, or online payments.

Flaticon Icon

⚡Knowledge Check!

Flaticon Icon

Ella has created a beautiful website for her take-out restaurant and is applying for an SSL certificate before she starts accepting orders online.

Take Out restaurant website

Quiz

At this stage, which type of SSL certificate should Ella apply for?

Take Action

Decorative digital drawing depicting a man pointing to the SSL certificate on a web browser.

If your website doesn't already have an SSL certificate then take the necessary steps to acquire one as soon as possible:

License:

This Byte has been authored by

CS

Chirasree Sen-Varma

Educator and Administrator

PhD

English

🍪 We use technical and analytics cookies to ensure that we give you the best experience on our website. more info