What is SSL/TLS certificate and why it is important for a website
What is SSL (Secure socket layer) certificate and how does it work? SSL is a security layer for your website safeguarding all the information sent back and forth from your website. It is a mandatory requirement for your website to rank on search engines. The first thing you will notice when a website has an SSL/TLS certificate is, the URL has HTTPS (hypertext transfer protocol secure) rather than HTTP and you see a padlock sign before the URL. I would also list few sites where you can get a free SSL certificate for 3 months.
What is SSL
SSL (secure socket layer) is an encryption-based internet security protocol. It encrypts all the information sent from website to server or vice versa, which may include credit card details, name, address and all the personal information that you share on a website.
SSL is the predecessor of TLS (Transport layer security). SSL was first introduced in 1995 with the intention of privacy, protecting information over internet communication.
So what is TLS? it is basically a secure version of SSL with the latest updates, SSL1.0 and 2.0 has been deprecated and replaced by TLS. The currently used version is TLS 1.2 and the latest version is 1.3. So we should call it TLS rather than SSL. But SSL is a more known term rather than TLS.
How does an SSL certificate work
- SSL/TLS initiates a process called handshake to identify the client who is requesting the website.
- SSL/TLS certificate has a pair of keys private and public, these keys interact behind the scene with the client when the website loads in the browser
- Every time someone requests the website the browser checks if there is an SSL/TLS certificate encryption.
- This is when the website shares the SSL/TLS certificate and public key with the browser to establish a secure connection.
- The browser checks whether the SSL/TLS certificate is valid, and not expired. It also makes sure the certificate is trustworthy by recognizing the issuer.
- The browser sends the session key and the server decrypts it with the private key. Then the server sends back the encrypted session key to start the secure session.
What are the benefits of an SSL/TLS certificate?
- It encrypts all the data sent over from a website
- SSL/TLS certificate protects all the sensitive data like username, password and payment information.
- It also ensures no alternation or data loss is done to the data during the transport.
- It is an important factor when ranking on Search engine. Google made changes to its algorithm in 2018 and ranked sites having SSL/TLS certificate over non-secure sites. Though all the other factors need to be similar for ranking.
- Also, the browser shows non-secure besides URL, if a site does not have an SSL/TLS certificate
- It builds customer trust increasing the customer retention
- Creates an identity and authenticity for your website
- You need an SSL/TLS certificate if you are an e-commerce website or accept payment online via a website because SSL/TLS installation makes your website PCI compliant, and it is one of the requirement by PCI.
How to install SSL/TLS certificate
Though this process will change according to your hosting service provider. You can also get a free SSL certificate for 3 months from sites like.
You need three things
- Certificate
- CA bundle
- Private Key
You need to login to your hosting and search for SSL and follow the process. You can always search for your specific service provider instruction to install SSL certificate. If you have any query regarding installation I will definitely guide you, just drop a comment or email me.
Conclusion
SSL/TLS certificate are very important for all the websites, as data theft and malicious attacks can be avoided. If you install this certificate you will have an added advantage over website that don’t have. The price for SSL certificate will be around Rs2000. It depends on the validation. Though you can opt for 3 months free SSL certificate.
