An SSL is an encryption method used for securely transferring data over a public network. When you visit a domain that is using https:// as the protocol in front of the domain name, it means you are using an SSL connection to the site. Any data you enter into the site will be transferred back to their server encrypted and secure.
SSLs are a very important security feature that makes buying online a secure thing. Without some form of encryption in the transfer, credit card numbers, passwords, and other sensitive data would easily be obtained by attackers. When you browse to a site that you want to buy something from, you want to make sure that you are using an SSL connection to protect the data that you are about to enter into their form. Google and Facebook are doing everything they can to ensure that all sites are using SSL for pretty much everything.
Self Signed Vs. Signed
Self-signed certificates can be created by any server using OpenSSL, however, when you use these certificates in a browser, they are not trusted and they will throw a warning. The browser does not trust these certificates because it cannot verify if the machine that created it is secure. If the machine that creates the SSL is compromised then the SSL is useless. If an SSL is created on a secure machine, then it will function the same as a signed SSL when it comes to the encryption, but it will not be trusted by the browser.Self-signed certificates are generally used in development or testing environments.
When you visit a site and you don’t see any warnings, you are seeing a site with a signed SSL. A signed SSL goes through a verification process, with a Certificate Authority or CA. The CA verifies the ownership of the domain, signs the certificate and provides their chain certificate to install with the SSL.The signed certificate from a trusted authority will show up as protected in the browser and protect the connection to the server.
There is a variety of different SSLs that a domain owner can use.
Standard SSL These will usually cover the main domain and sometimes the www version is included.
Wildcard SSL This one is nice if you use multiple subdomains that need to be protected, They can be a bit more expensive, however, they cover any subdomain for your site.
Organizational SSL These guys have a bit of company information vetting to them and allow for the company information to be displayed when the site seal is clicked.
Extended Validation SSL The EV SSL requires a lot more vetting of the company to verify its validity. This process usually takes around a week to complete if you are on top of the information. This SSL shows what is known as the “green bar” seal — If you ever need to order one of these, and need any help, Just let us know!
Other Reasons you may see a warning in your browser
There are multiple different reasons for a browser to show an error for an SSL. Some of the most common are
- The domain you are visiting does not match the certificate
- You are visiting the domain from the IP
- The certificate used is old and using insecure cryptography
- The version of SSL software may be outdated
- The certificate is expired
Currently, the Chrome browser is displaying noticeable warnings for any sites that do not have an SSL, Chrome is also requiring sites that collect information to have one.
SubversiveTech is available 24/7 to assist with Install SSL certificates Or we can Order the exact one needed and we will take care of the installation! Just message us for details. SSL certificates as low as $15.00 per year, including the install! We can also assist with updating your site to use HTTPS!