Frequently Asked Questions About SSL

What Does SSL Stand For?

SSL stands for Secure Sockets Layer. It is also referred to as Transport Layer Security (TLS) and is essential for encrypting information that is exchanged on the internet.

What Is an SSL Certificate?

An SSL certificate is an electronic document that authenticates the identity of a website when creating an encrypted connection. This small data file is digitally bound to an organization’s details and includes a cryptographic key to those details, allowing secure connections from a web server to a browser.

An SSL certificate contains:

• The certificate holder’s name
• The certificate’s serial number and expiration date
• A copy of the certificate holder’s public key
• The digital signature of the certificate-issuing authority

Why Do I Need an SSL Certificate?

An SSL certificate provides privacy, security and data integrity for website and user personal information. If a website isn’t encrypted with an SSL certificate, anyone can read sensitive data as information is passed from computer to computer to get to the destination server.

Sensitive data includes:

• Usernames
• Passwords
• Credit card numbers

Beyond encryption, an SSL certificate also provides:

• Authentication – SSL certificates ensure your information is sent to the right server, not to an imposter.
• Trust – Users may be more likely to convert if they feel their information will not be compromised.
• PCI Compliance – Using SSL certificates is a Payment Card Industry (PCI) standard that you must comply with if you accept credit cards.
• Rankings – Search engines like Google may include SSL certificates as a positive in their ranking algorithms.

Who Should Have an SSL Certificate?

You should have an SSL certificate if you are:

• Taking credit card payments directly on your website
• Offering memberships
• Collecting visitor information via forms

What Are the Different Types of SSL Certificates?

There are three types of SSL certificates:

• Organizationally Validated (OV)
• Extended Validation (EV)
• Domain Validated (DV)

The difference between these certificates is the vetting/verification process. The encryption levels are the same for each type of certificate.

Both OV and EV certificates require the issuer to independently verify the information about your business — the EV certificate requiring more extensive validation. DV certificates only verify you are the registrant of the domain name that will be associated with the certificate.

You can further define your SSL certificate based on how many domains you want to protect:

• Single-name certificates are for a single domain
• Wildcard certificates are for an unlimited number of subdomains off a singular root domain
• Multi-domain certificates are for up to 210 different domains (different providers offer different numbers of domains)

How Do I Get an SSL Certificate?

Your website host might be able to provide you with an SSL certificate. If your host doesn’t sell SSL certificates or your situation calls for more than what they offer, you can buy SSL certificates from a Certificate Authority (CA). Some of the most popular CAs include:

• Comodo
• Entrust
• GlobalSign
• Identrust
• Network Solutions
• Trustico

Before purchasing an SSL certificate from any CA, consider the following:

• Encryption certificate validation type
• Security level
• Browser compatibility
• Warranty
• Refund policy
• Support of SSL experts

How Can I Get SSL Help?

Website security is just one of the key areas Knucklepuck supports for our clients. By leaving the details of things like SSL certificates to us, our clients can focus on the products and services they bring to their clients. Contact us for more information on how we can help you.