What is an SSL Certificate?
An SSL certificate, also sometimes just called a security certificate, is a public key that verifies the identity and ownership of a website. Most importantly, the SSL encrypts and secures all the data that is transferred through the server of the website, which protects user information and makes a site less vulnerable to attacks. You can tell if a website has an SSL because it will start with HTTPS rather than HTTP.
How to Get an SSL Certificate
Go Through Your Host
There are a few options when it comes to getting an SSL certificate. In many cases, website owners or managers will purchase the certificate through their hosting provider. Some hosts provide basic SSL certificates for free, but it is less common.
Use a CDN
Yet another option is to use a CDN, or content delivery network such as Cloudflare, which will automatically provide you with an SSL certificate. This is a good option because there are other benefits to this service as well such as faster caching and protection from attacks. This requires you to proxy your servers through their network and change your name servers to theirs.
Request Your Own SSL
Another option is to submit your information, including your CSR (Certificate Signing Request) to a certificate authority. They will review it and validate your domain and company. Once they send you your SSL, you’ll need to install the certificate. While this does take much more work, there are benefits- the SSL will be associated with your corporation rather than your host or a CDN. Keep in mind that you will have to renew your certificate every so often.
Will an SSL Automatically Force HTTPS?
Depending on how you’ve installed your SSL certificate, and what your web platform is, some additional work might be required in order to automatically redirect your website to the HTTPS version every time. If you are having trouble getting your site to redirect automatically, one option is to edit your .htaccess file and give it directions to always redirect to that option. If you’re on WordPress, there are plugins out there that can do the same thing.
What is The Difference Between a Self Signed Certificate and a Commercial Certificate?
Self signed certificates can be easily made because they are not signed by an issuing authority. They do allow users to use HTTPS, but they don’t provide quite the same security as a true SSL. Most of the time, users will get a small warning when a certificate is self-signed. These certificates are controversial, partially because they never expire and cannot be revoked. However, for websites where no personal data is being transferred, self-signed certificates can work perfectly fine.
Do SSL Certificates Improve SEO?
If you’re looking to improve your SEO, SSL certificates are a must have. Google announced that SSL certificates were in fact a ranking factor in 2014. Google has also stated that if all other ranking factors are equal between two websites, having an SSL certificate can act as a tiebreaker and push your website closer to the top of the search results.