SSL Certificates

What is an SSL certificate?

SECURE SOCKET LAYER & TRANSPORT LAYER SECURITY (SSL & TLS)

SSL (and its successor, TLS) is a process that enables websites to exchange secure, encrypted information across the internet. The encryption shields the information from being intelligible to anyone who might intercept it – like your credit card number when you buy online, for example. It’s the way you can make sure people trust your website.

The SSL certificate is a document installed on the secure website that allows the viewer’s browser to authenticate the security. A process then begins to encrypt any data exchanged. You know when you’re visiting a secure website because the URL prefix is https:// instead of just http://.

Who needs an SSL certificate?

Anyone who sells goods or services online needs an SSL certificate installed on their site. If you expect people to send you their credit card and personal details over the internet then you need to make sure they know they can trust you.

Who else? It could be good to have this installed if you have people updating any personal or confidential information over the internet, for example:

  • A members’ log-in area on your organisation site.
  • A contacts database accessible to members online.
  • Online submission of sales figures for a franchise company.

How do I get an SSL certificate?

The easiest way is to purchase one from an SSL provider (such as Rack Servers) and install it on your web server. And just like anything on the internet, there is a huge range to select from, priced from around $50 to $5,000 per year and with varying degrees of warranties and securities… so what are you really looking for?

Popular does usually mean secure

The popular SSL providers are popular because they have proven to be secure. This does not mean that newer or smaller SSL providers are less able to provide adequate security – it’s just that most people are reluctant to experiment with this aspect of their web business. Larger companies are also able to offer larger insurance warranties which helps their reputation for delivery. The marketing spin is, how much are you prepared to pay for your client’s security?

Expensive does not necessarily mean more secure

In fact, what does it mean to be more secure? Surely it’s either secure, or it isn’t… So why the immense difference in prices across providers?

It’s really about how rigid the certification process is – that is, how much a company ensures the integrity of the website they sell certificates to. It’s also the insurance warranty figure they can offer in case your data is intercepted and somehow decrypted.

It’s also about the reputation of the company providing the certificate – this is a big marketing strategy for larger SSL providers.

In reality, the mathematics behind the encryption means that even at low encryption rates, the time it would take for a hacker to try and decrypt your information is many, many times the average human lifespan. So really the difference between companies is largely an emotional satisfaction about the security of precious and personal information. Do most people know the difference between SSL providers? Not really, but they will recognise the same names appearing time after time, as well as the providers that big sales companies such as Ebay and online department stores use. The marketing is all about the impression of a guarantee of security, and this is what you’re buying most of the time.

My recommendation is to spend a couple of hours comparing SSL providers and their products and notice how you feel about the different sites. Work out a budget that you are happy to spend on data security and see what you can get for your dollar.

Conclusion

The reputation of the SSL Provider can increase client trust in your website, simply because not many people realise how the encryption works.

To be almost-completely (nothing in life is certain…) secure for the next ten years get 128 bit encryption.

Do some research for the best deal for yourself and your clients’ peace-of-mind.

Here at Rack Servers we recommend the following SSL Certificates:

Other Articles you might be interested in

cloudflare-logo

CloudFlare Certified Partner

CloudFlare increases speed and security of your site CloudFlare makes it easy for any site to be as fast and secure as the Internet giants. We've … [Read More...]

IMAP_POP-email-icon

IMAP vs. POP: Which is best for your situation?

IMAP vs. POP 3 When you first set up your website using cPanel you will probably want a unique email address that is more professional than a … [Read More...]

About Nick Miletic

Nick Miletic is a director of successful Australian web host company, Rack Servers. Nick has many years' experience in the web hosting industry and his peers consider him an authority on all things internet related.

For great Australian web hosting choose Rack Servers

Comments

  1. Hmm. Your statement “In reality, the mathematics behind the encryption means that even at low encryption rates, the time it would take for a hacker to try and decrypt your information is many, many times the average human lifespan.” is not correct. Taking low = 40 bits, an ordinary home computer could crack it in under 2 weeks in *2004*. Dedicated hardware can achieve almost real time (under 2 seconds) cracking of 40 bits… That is why the bare minimum suggested by any serious security professional is 128 bits today for the symmetric keys, and 1024 bits or larger for assymmetric keys. See http://en.wikipedia.org/wiki/40-bit_encryption

Speak Your Mind

*