All you need to know about SSL certificates: what is SSL and how to get it?

October 1, 2009 - 5:00am | Articles | Other themes |

| More

All you need to know about SSL certificates: what is SSL and how to get it?

Trust and security are very important driving forces in the evolution of e-commerce. The improvement of security is a sure-fire method to reach trust. With so many websites storing sensitive information, it’s essential to protect customers and website owners against fraudulent activities targeting multiple Internet users. So it’s no wonder why SSL or Secure Sockets Layer technology is a critical part of today’s e-commerce.

What’s the purpose of SSL certificate?

There are myriads of websites on the web that store sensitive or personal information like names, Social Security Numbers, credit card numbers, etc. If a person provides his/her personal data on an unsecured site, the information is transmitted over many computers, so that hackers can easily steal it. SSL technology ensures that personal information provided during online transactions cannot be deciphered or decrypted by some third party.

It’s all good and well, but the primary purpose of a Secure Socket Layers certificate is to establish the authenticity of a website through a trusted third party. In other words, an SSL certificate allows visitors to identify your business by clicking on a padlock sign in the bottom left or in the top right corner, depending on your browser. A green address bar indicates that the site is safe to use.

Who needs SSL?

Website owners running the following websites:

· Online stores and sites that accept online orders and credit cards

· Sites processing personal data such as birth date, address, ID numbers

· Websites that offer a login or sign in

And by all means those owners who value privacy and want to secure online transactions and protect their customers.

How to get an SSL certificate?

SSL certificates are issued by certificate authorities or CAs. The market for SSL certificates has very significant barriers to entry, and like any oligopoly, it’s held by several multinational companies. VeriSign, Thawte, Comodo and other CAs offer a wide range of products tailored to your website’s needs.

VeriSign is one of the leading providers of SSL certificates. The VeriSign Secured Seal is the most recognized and trusted security sign on the Internet. This sign is displayed on more than 90,000 websites worldwide and is recognized by 79% of US online shoppers, according to VeriSign Secured Seal Research. VeriSign is also known for its strict background checking, which generally assures a high degree of confidence from the customers.

The main benefit of VeriSign is excellent customer service. This provider offers a variety of SSL services and additional trust services, not to mention helpful Live Support and Easy Guide for those who cannot decide which product to choose.

Even though technically VeriSign certificates are no different from those issued by other certificate authorities, they’re much more expensive.

Owned by VeriSign, Thawte is a well-known CA offering good certificates at reasonable prices.

The downside of this provider is that company’s offices are located in South Africa, so it may take a while to fix the problem. They don’t have phone numbers for support in the US, and it’s really difficult to get a hold of a rep if you have questions.

Comodo is one of the largest issuers of high-assurance SSL certificates. This provider offers cost-effective solutions that allow website owners to protect online information. It’s one of the best SSL providers in terms of quality/price ratio.

Here are the main highlights of this vendor:

Judging by ambiguous reviews of the SSL shoppers, Comodo’s support services may be excellent or poor. Obviously, it depends on the country you live in, as the company provides its services in over 100 countries worldwide.

Entrust is another respected provider of SSL certificates. This vendor has been working with the most recognized public-key encryption programs since early 1990s. One of the main attractions of Entrust is their competitive pricing. Digital certificates issued by Entrust are recognized by virtually all browsers.

In addition to that, this vendor can boast with outstanding customer service. Many shoppers admit that this vendor is really easy to work with and they can do everything themselves from their user-friendly website.

Documentation Required:

The list of the documents required for an SSL certificate may vary from vendor to vendor. But generally a website owner should have the following documents:

A current governmentally-issued photo ID
The forms of secondary evidence to establish identity, which must contain your name.
Financial institution documents, including a major credit card, debit card or bank statement.
Non-financial documents may include a copy of statement for a payment, a certified copy of your birth certificate.

How to install an SSL certificate:

Once you’ve obtained a digital certificate from one of the CAs, you need to install it on your server. The SSL digital certificate is a text file. Before starting the installation, you’d better make a back-up of your digital certificate and keep it in a safe place.

SSL certificate vendors provide its users either with straightforward installation or SSL installation instructions so that you can easily install the certificate and make sure everything works smoothly. Mind that installation may vary for different web server applications, so you need to select your server from the list of web servers.

With so many companies being transferred to the Internet, e-commerce is big business today. Gone are the days when safety inhibited people from buying and selling online. Today’s online technologies allow website owners protect their business and customers from fraud, and the choices are plentiful to both small and large businesses. Buying an SSL certificate from a trusted CA, you take a big step in making your business more secure and less vulnerable.