As a web developer, I am often asked:
“What is an SSL Certificate?
What does it do? And where do I get one?”
Here is a quick non-techy guide on all you need to know about SSL Certificates.
What is an SSL Certificate?
SSL stands for Secure Sockets Layer which creates a secure connection for visitors to your website.
It allows your website to load via https instead of just http.
With an SSL Certificate enabled a little secure lock icon displays next to the address in the browser e.g.
This provides a nice visual cue for your website visitors that your website is secure and safe to browse.
This is particularly important for websites such as online stores or membership websites where your customers need to log in to an account. The website data is encrypted by the SSL providing a secure connection.
Do I need an SSL Certificate for my website?
The short answer is YES! It is recommended all websites have an active SSL Certificate.
Why? Well for starters improving security is always a good thing.
If you don’t have one, when potential customers visit your website (via https instead of http) they may see a “Not secure” warning such as below, which can be offputting.
This particularity applies to customers using browsers such as Chrome and Firefox.
In some cases a message like below may display, blocking visitors from accessing your website:
So you definitely want one active on your website so you’re not missing out on any customers!
Having an active SSL Certificate enabled on your website may also affect your website ranking. Google takes SSL Certificates seriously and has announced they may mark you down in search rankings if you don’t have one.
So it’s a good idea to get an SSL Certificate up and running on your website ASAP.
So how do I get an SSL Certificate?
Don’t panic! Getting an SSL Certificate added is easy, and it does not have to be expensive!
The first step would be to contact your website host to see what they offer.
BEWARE some hosting providers may charge exorbitant prices for a basic SSL Certificate. This can be common with cheap hosting providers as a way to make more profit.
For example one popular cheap hosting provider at present offers a “Special Offer” for just $5.99 for the first year! – further down the page the standard pricing after the first year is $109.95 per year. That is a BIG difference in cost that you would end up paying in addition to your annual hosting fee!
Many hosts (such as Digital Spice) offer a FREE domain validated SSL Certificate with their hosting account packages. cPanel hosting comes with an option for Free auto-renewing SSL, so why should you be charged extra?!
There are different types of SSL Certificates, however a basic domain validated SSL certificate is suitable for most small to medium business websites.
Contact your website host to discuss your SSL Certificate needs.
An SSL Certificate is installed but my site still loads as not secure?
Depending on the software that your website has been developed with e.g. WordPress or Joomla, you may also need to add a plugin or some configuration to your website settings to force your website content to load from Https after the SSL Certificate is enabled. Get in touch with your website developer, they should be able to sort this out for you.
If your website still shows as not secure, there could also be other factors involved and you may need your web developer or host to investigate this for you.
If I have an SSL Certificate is my website secure?
This is a common misconception – an SSL Certificate will help to create a more secure connection for people visiting or interacting on your website, however it does not ensure your website is secure.
Make sure your website software is kept up-to-date and use secure passwords for your website and hosting accounts as this will help to maintain your website security. Your website developer or web host should also be able to provide advice for implementing other security measures to help your website remain secure.