009: SSL - Secure Sockets Layer

by Leigh Beaty and Pat Parker | January 6, 2020

Show Highlights

What is an SSL?

“SSL” is short for Secure Sockets Layer and it allows you to send encrypted and secure data from the website visitor’s browser to the web server where your site is hosted.

They have been around since 1995. It has a few iterations.

Why do I need one?

  1. Security – You need to protect you visitors’ data, whether it is collecting emails or account information or even credit card into.
  2. Credibility – It never helps anyone’s site to have the browser complain that it is not secure. People may think that your site is malicious.
  3. An SSL builds trust with your customers and makes it a lot harder for someone to impersonate your site to steal information or clients.
  4. SEO – You will rank higher on search engines. Google is now rewarding HTTPS served websites with higher rankings than HTTP served websites.

In October 2017, Google rolled out even more aggressive notifications. Starting with Chrome 62 (released October 17, 2017), Google added the Not secure warning.

How can I tell if a site is secure? You see the little green lock.

Where do I get one?

Many hosting companies make it easy to install a free SSL/TLS certificate via a service called Let’s Encrypt. Let’s Encrypt offers free unlimited SSL/TLS certificates.

Here is a link of hosting companies that support Let’s Encrypt.

You can also purchase them from 3rd party vendors. First you should decide what type of SSL you need and what warranty coverage best suits your business.

Types of SSL

Extended Validation Certificates (EV SSL)

The highest-ranking and most expensive SSL certificate type is an Extended Validation Certificate. This type of SSL certificate, when installed, displays the padlock, HTTPS, name of the business, and the country on the browser address bar.

Organization Validated Certificates (OV SSL)

The Organization Validation SSL certificate’s primary purpose is to encrypt the user’s sensitive information during transactions. This version of SSL certificate has a high assurance similar to the EV SSL certificate, which is used to validate a business’ creditably.

Domain Validated Certificates (DV SSL)

Domain Validation SSL Certificate has a low assurance and minimal encryption, typically for blogs or informational websites.  Let’s Encryp provides a Domain Validation SSL Certificate.

Wildcard SSL Certificates

Wildcard SSL certificates are used to secure a base domain and unlimited subdomains. Purchasing a wildcard SSL certificate is cheaper than purchasing several single-domain SSL certificates

Multi-Domain SSL Certificates

Multi-Domain certificates can secure up to 100 different domain names and subdomains using a single certificate which helps save time and money

Here are a couple of sites that list a number of SSL Certificate Providers, what types of SSL Certificates they provide, their warranties and yearly cost.

Is that all?

You may need a plugin to make it all work, I recommend Really Simple SSL.

Add the HTTPS version of your site in Google Webmaster tools and any other tracking scripts you are using.

Set up a redirect on your site so that anytime someone tries to access the http:// link, they will be redirected automatically to the new one.

Don’t forget to subscribe to the show!