If you equip your website with SSL encryption, data will be sent from your visitor’s browser to your servers via a secure connection. In the browser, the encryption can be recognized by the black or sometimes green lock in the address line of the browser:
“SSL” stands for Secure Sockets Layer and has become a synonym for the encryption of online data streams. Here, the original SSL format is no longer used – it was newer and safer Transport Layer SECURITY standard replaces.
A connection secured in this way via the HTTPS protocol can be seen. As the HTTP protocol, this is a communication protocol for data transmission on the Internet. The difference between HTTPS and HTTP is the encrypted and tap-proof transmission of the data using TLS.
Note: HTTPS = HTTP + SSL / TL S
In addition to the above carrot Google has started in our own browser Chrome, all “Not sure” display HTTP connections one at the beginning of the browser line.
In addition to the slight ranking boost, the SSL encryption of the site from the point of view of search engine optimization is primarily anchored in the fact that the user gains more trust in the website. After all, data streams are secured against manipulation.
Why should I encrypt my website?
Without encryption, all data to be transmitted can be viewed in plain text on the Internet and can be manipulated by third parties with little effort. This is particularly a problem when sensitive data is passed to a website. These can be credit card details at check-out, the login name and password for an email provider, and personal messages for a social network.
If a website operator decides Hallo World sends the message ” ” via an unencrypted connection, this data packet could be read on the way from the browser to the server and would find “Hello world” in it in plain text. Unencrypted data packets can be read out as text. Encrypted data packets are incomprehensible when they are read out without a key.
How does SSL encryption work?
In order for a browser to be able to establish an encrypted connection to a server (a domain), the browser must know whether the server also belongs to the domain it claims to be. SSL certificates are used for this.
What is an SSL Certificate?
An SSL certificate is a method of verifying the authenticity of a website. To do this, a website must apply for a certificate from a recognized certification body. These certification authorities are called Certification Authorities (CA) and request a range of information from the applicant. How much information is required depends on the scope of the certificate to be issued.
After the domain has been verified, the public key is also deposited with the CA. The messages are then obfuscated with this cryptographic key. To change the message back to its original state, another key is required, the private key. This private key is only permanently installed on the verified server and can decrypt the messages.
The important thing here is that a message that has been encoded with a public key cannot be decoded with the same public key. The instructions on how to encrypt a message can thus be made freely available, while the only way to decode the encrypted message again is kept under lock and key. The keys have different lengths and nowadays you should use at least one 256-bit key. However, even larger keys are better.
What are the different SSL certificates?
A distinction is made between three different certificate levels with different degrees of trust. The domain validation (DV or Domain Validation), an organizational validation (Organizational Validation or OV), and extended validation (Extended Validation or EV).
The domain validation
A DV certificate has the lowest level of trust and only validates the domain name. It can thus prove that a request from dmtwebhosting.com really comes from the domain dmtwebhosting.com, but no further information is requested. This type of certificate is also known as the Low Assurance Certificate.
The Organizational Validation
In order to obtain an OV certificate, not only is it checked whether you are the owner of a domain, but information about your identity and address is also checked. In this case, a company not only has to prove that it owns the domain, but also that it is the named company and confirm its location. This type of certificate is also known as the High Assurance Certificate.
The Extended Validation
For an EV certificate, you not only have to prove that the company exists at the specific location and that it owns the desired domain. This certificate is actively checked whether it is a registered organization that has an active account with which you can take part in active business transactions. There is also a further check of the address and telephone number as well as the people who apply for the EV certificate.
These certificates are the most extensive and expensive, but they also offer the user the greatest possible security. In addition, modern browsers show the name of the organization next to the browser bar with this type of certificate – in Microsoft’s Internet Explorer and Edge browsers, the entire address line is also highlighted in green.
To what extent can the certificates be used?
Most types of validation can either be created for a single name (also called a single-name certificate), for a complete domain (including all subdomains, also called a wildcard certificate), or for several domains at the same time (also called a multi-domain certificate).
Single name certificate
With a single name certificate, only the specific host is verified. A certificate for www. dmtwebhosting.com is therefore only valid for the www host. If there were a subdomain like sales. dmtwebhosting.com, this would not benefit from the certificate of the www host.
A single name certificate can be used for domain validation, organizational validation, and extended validation.
The wildcard certificate enables a website operator to achieve certification for all subdomains of a domain at the same time. With a certificate for www.dmtwebhosting.com, both the host would be www.dmtwebhosting.com and the Subdomain sales.dmtwebhosting.com and blog. dmtwebhosting.com validated.
NB: A wildcard certificate cannot be used together with the Extended Validation. Only DV and OV certificates can be wildcard certificates.
With the multi-domain certificate, several domains can be verified and combined under one certificate. With this type, we could validate the domain www.dmtwebhosting.com and also www.dmtwebhosting1.com together. A multi-domain certificate can be used together with the extended validation, although the individual hosts must be explicitly defined.
Which certificate do I need?
For your blog or your personal website, a single name domain validation certificate can be enough to secure the passwords for the comment option. The same applies to forums and the logins there.
An organizational validation certificate is ideal for a company website so that visitors can feel confident that the website not only bears the name of your company but that it can also be correctly assigned. Whether you need a wildcard certificate depends entirely on whether you use multiple hostnames or not.
For all use cases in which sensitive user data such as personal, bank, or credit card data is transmitted, an extended validation certificate should be invested in. This not only protects the user data; it signals the user additional trust via the highlighted view in the browser lines.
Every website operator can decide for himself how important encrypted communication is for his own site. In the case of a blog without a comment function, from a security point of view, it would not be necessary to encrypt the user data using an SSL certificate.
However, if you manage your blog CMS via a web interface (e.g. with WordPress), you should think about encrypting the connection at least with a single name domain validation certificate just because of your own login data. As soon as you move into the field of e-commerce, you should make sure that all the necessary pages that transmit sensitive data are encrypted. In addition, a green lock in front of the browser line or even the company name with a green background (in the case of an EV certificate) can increase user confidence in the site. Google’s measure to classify unencrypted HTTP connections in the Chrome browser as ” not secure ” suggests the same thing.
About the author
DMTwebhosting.com’s Editorial Team prides itself on bringing you the latest web hosting news and the best web hosting articles!
You could also link to the news and articles sections: