What is SSL (Secure Sockets Layer) ?

SSL (Secure Sockets Layer) is an encryption technology employed by websites to secure the connection between the site and their site visitors. The most widespread use of SSL is to secure pages where users are expected to submit sensitive information like credit card numbers or login details. Recent years have seen website owners encouraged to implement SSL encryption on their entire site, with major search engine providers offering SEO benefits to https pages. SSL encryption is especially useful for e-commerce websites as it helps them build trust with their customers.

How is an SSL encrypted connection established?

Step 1: A user requests a secure connection to a website. This is done by entering a URL that begins with ‘HTTPS’ into an internet browser. For example, https://www.example.com

Step 2: The website responds to the user's request and sends its SSL certificate to the browser for authentication. This is known as the 'SSL handshake'.

Step 3: The user's browser verifies the SSL certificate is valid. The browser displays a padlock icon in the URL, indicating the website is secure and can be communicated with.

Step 4: After successful verification, a secure connection is established between the browser and the website. Further communication between the browser and the site is encrypted. Information passed between the two parties can only be deciphered by the two parties involved. Hackers will not be able to decode any information passed between the two entities.

How can I tell if a site is using SSL?

Internet browsers, like Chrome, Firefox and Internet Explorer, indicate whether a website is using SSL by offering several visual cues:

  1. The URL of the site will begin with https://, where 's' stands for secure
  2. The browser will show a padlock icon in the address bar
  3. Some SSL certificates will cause the address bar to turn green, indicating the site uses an extended validation certificate (the most secure and trusted certificate available).

Secure Sockets Layer (SSL)

What does SSL mean to visitors?

A domain validated (DV) SSL certificate indicates that the connection between the user and the website is securely encrypted. All information exchanged between the user and the website is secure and cannot be intercepted and read by a malicious third party. However, domain validated certificates do not vouchsafe the identity of the website owner. The information is encrypted, but users have no idea whether the website to that they are sending their data to is a trustworthy business. Organization validated (OV) and Extended Validation (EV) certificates provide both encryption and assurance that the website can be trusted. This is because OV and EV certificates are not issued until background checks have been carried out on the owner of the website. Additional information in OV and EV certificates includes the full business name and their registered address. These details improve the online reputation of the organization in the eyes of web browsers as well as users. And the more legitimate a website appears, the more business it will generate.

Where can I get an SSL certificate for my website?

SSL certificates can be purchased from certificate authorities. An SSL certificate will only be recognized by internet browsers and mobile devices if it is signed by a trusted certificate authority (CA). If it is not, then the end-user will see error messages when they connect to the site. The first step of applying for a certificate is for the website owner to generate a Certificate Signing Request (CSR) on their webserver. They will submit this signing request to the CA, along with their company name, business address and other details. The CA will issue the certificate after validating the identity of the organization.

What are the benefits of using SSL?

Apart from the data being encrypted and protected from hacking, you get the following benefits:

  1. You will build trust with your visitors and may improve conversion rates: Internet users have been trained to look for the secure padlock when they are considering an online transaction. A certificate from a trusted certificate authority will produce this padlock on your site because the certificate is recognized by all major internet browsers and mobile devices. This means your website visitors will be able to clearly see you have a secure operation and will be more inclined to complete purchases with you.
  2. You know 'for sure' you are communicating with the intended recipient: When two parties communicate over the internet, finding out whether you are indeed interacting with the intended party is not easy. But with SSL, this uncertainty over the intended recipient is removed as the SSL connection allows the user (web browser) to authenticate the website (webserver) before the data transmission commences.
  3. Traffic to your website may increase: 3. Various search engines now give SEO benefits to https pages over non-https pages. This natural increase to your SEO ranking may increase traffic to your website. The more traffic you get the better for your business.

Related Resources: