Because of the coming changes to the popular Chrome browser beginning in July, SSL’s have been a hot topic as of late. If you try to search about SSL’s, you’ll find that most of the definitions are rather technical and most everything else is just marketing to get you to purchase one. Most resources are not incredibly helpful when it comes to what your options actually are and what you need to purchase, so I am here to answer your questions!
SSL or Secure Socket Layer is a standard for creating secure links between your website and your users. What you ‘purchase’ or ‘install’ on your website is a digital certificate that your identity has been verified by a third party known as the certificate authority, not unlike the relationship between a restaurant and a health inspector. It also signifies that the user can safely provide their data as it will be unreadable by anyone except your website.
Yes. Without an SSL Certificate, some browsers may label your site ‘Not secure’ and even require your users to confirm they actually want to go to your site. Eventually browsers may block your site entirely. It will also hurt your website’s rankings with major search engines and can have legal implications if you collect sensitive data. Ultimately, using SSL protects your users, customers and readers from hackers and scammers and maintains their trust with you.
What kind of SSL Certificate do I need?
Yep, to make things more complicated there are a dozen different kinds of certificates. To narrow it down you need to know what validation level your website needs and how many domains you need to secure.
Does your website have more than one domain or does your website make use of sub-domains?
Yes? Then you’ll probably need a multi-domain or wildcard certificate. If you don’t use a multi-domain certificate you will need to purchase and validate each certificate individually which can be both expensive and time consuming.
Does your website request information about user’s health, legal information, financial information or sensitive personal data such as a Social Security Number?
Yes? You will want to look at an Extended Validation or EV Certificate. Depending on the authority they can take a week or two to complete validation and will require providing some signed documents and legal documents to verify your business or organization. In return they provide the highest level of trust to your users.
Does your website request your user’s payment information or address?
Yes? You will want an Organization Validation or OV certification at minimum. An OV Certificate will require you to provide information such as the name and address of your company or organization for manual validation by the certificate authority. This validation can take a few days but will provide some assurances to your customers that you are trustworthy and legitimate. For medium to large e-commerce websites I would recommend upgrading to an EV Certificate.
If you answered the last two questions above with no, then a Domain Validation or DV Certificate will suffice. A DV Certificate is the most basic but also the least expensive type and will cover the needs of most sites. These are also popular because they can be issued and installed quite quickly, usually within a few hours.
The simple answer is it depends on the type of certificate. Multi-Domain EV Certificates will run the highest at anywhere between $150-$600. On the flip side it is possible to obtain free DV Certificates but you’ll need to be familiar with servers and installing those certificates. We believe in promoting a more secure internet for users and providing secure websites to our clients, which is why most of our hosting packages offer a free DV Certificate through Let’s Encrypt. To see the range of prices for different types of certificates and to compare different types of certificates I highly recommend SSLs.com.
SSL and certificates may be a little technical, but they are necessary and becoming increasingly prevalent across the web. While not all certificates are created equal, each will provide some level of security to your users and boost the trustworthiness of your organization’s online presence.
Reach out! Our team would be more than happy to help with your SSL needs and answer any questions you might still have.
At Pixel & Hammer we strive to give each and every one of our clients an upfront and honest quote when they require our services. Please provide us with as many details as possible so we can provide you with a detailed quote to match your exact needs! Thank you for choosing Pixel & Hammer.