What Are SSL Certificates?
An SSL certificate is simply a file containing a bit of security code that allows a website to encrypt traffic between end users and their own servers. Web servers use these certificates to identify themselves to users and verify said identities. A generic SSL certificate is digitally signed by a reputable certificate issuer like Thawte or VeriSign to demonstrate its validity. Since anyone can “sign” a certificate, neutral third parties such as the aforementioned certificate issuers ensure a “web of trust.” When a business purchases an SSL certificate, the issuer or Certificate Authority (CA) verifies the business’s identity.
How Do SSL Certificates Work?
When a browser contacts a secure site, it requests a certificate from said site. The site responds with its SSL certificate, which identifies the Certificate Authority that issued it. If valid, the SSL certificate is then used to encrypt the connection. Web traffic is then transmitted using the HTTPS protocol, which is simply the standard HTTP protocol encapsulated with Secure Sockets Layer encryption. SSL uses public-key cryptography to ensure that no data is transmitted in plain text. This prevents hackers from stealing sensitive financial information and allows for secure transactions online.
Who Needs a ‘Cert’ and Why?
Any site that wants to complete financial transactions or safeguard the login details of its users should get an SSL certificate. Using an SSL certificate prevents “man-in-the-middle” attacks that can result in data theft. By purchasing a certificate from a trusted Certificate Authority such as GlobalSign, a site can prove to any given visitor that they’re not out to steal their information for nefarious purposes. Naturally, trustworthy certificates can have a major impact on e-commerce success. Generally speaking, any website beyond a hobby blog should purchase an SSL certificate for peace of mind.
Implementing SSL Certificates
To set up an SSL certificate, you must purchase one from a Certificate Authority like VeriSign or Thawte for anywhere from $20 to $150 per year. Most web hosting companies offer SSL certificates through partnerships with these Certificate Authorities. Make sure your certificate uses a minimum of 128-bit encryption. Once you’ve selected a certificate vendor, you’ll create a Certificate Signing Request, buy the actual certificate from the CA and download your specific certificate file as well as any required intermediate certificates. Then, you’ll simply copy the files to the appropriate folders on your server. Though the installation details will vary based on your server, the process is quite straightforward in practice.
You can purchase a SSL Certificate from any of the below hosting services. Each of them provide a step-by-step guide to teach you how to install the SSL certificate on your website:
Rank | Host | SSL Certificate Price |
---|---|---|
1 | WHC.ca | From $34.95 per year |
2 | AstralInternet.com | From $53.10 per year |
3 | GoDaddy.com | From $74.99 per year |
4 | HostPapa.ca | From $19.99 per year |