What Are Security (SSL) Certificates & Why Do You Need One For Your Website?
Security certificates provide the means for private, encrypted communication between your website & your viewers via HTTPS. If you visit a website which is secured via HTTPS, there will be a green padlock in the location bar of your web browser.
Google is beginning to provide more favourable search engine rankings for sites with HTTPS enabled. You might want to consider security certificates as an essential component of your website.
Where To Obtain Free Security (SSL) Certificates
In order to install these seamlessly and without continued efforts, you’ll want either shell access to your web server, or for your hosting provider to integrate with Let’s Encrypt.
There is a way to manually obtain & install a certificate from Let’s Encrypt, but this is undesirable; the certificates expire within months & you would need to spend your time in order to manually renew & reinstall your certificates, multiple times a year. You might consider purchasing a certificate in this case.
If You Have Access To A Web Hosting Control Panel Such As cPanel or Plesk, Your Hosting Provider Might Already Have Let’s Encrypt Integrated
Log into your website hosting control panel to explore whether Let’s Encrypt is already available to you. The software running most control panels are either cPanel or Plesk.
If it’s cPanel, you’ll want to follow this guide.
Plesk users will want to follow this guide.
ISPConfig has Let’s Encrypt integration, since version 3.1.
If Let’s Encrypt is not already setup, your web hosting provider might install it upon your request.
Maritime Method Software’s managed website hosting packages are Let’s Encrypt enabled & your certificates are installed and ready for use, by default.
Let’s Encrypt’s free certificates will provide what is called Domain Validated (DV) level certificates; this means, they verify that you own the domain name you are using for your website.
If you can’t go the Let’s Encrypt route to obtain your certificate, you’ll need to purchase a certificate. Namecheap.com is just one place this can be accomplished; they sell DV level certificates for as low as 10.88 Canadian, at the time of this writing. Your website hosting provider might also have an affordable, straightforward way to both purchase & install a certificate.
Certificates With The Highest Level Of Trust
You might desire to present your website visitors with a certificate which has an increased level of identification verification; in which case, you will need to purchase either an Organization Validated (OV) or an Extended Validated (EV) certificate.
We won’t go into depth over the differences between Domain Validated (DV), Organization Validated (OV) and Extended Validated (EV) certificates in this article. Basically, upon purchase of OV & EV certificates, you will need to provide further proof of identification & ownership of your organization, along with the higher price tag. In return, visitors to your website will get the “green bar” in their web browser, indicating that your identity has been thoroughly verified by a Certificate Authority (CA).
It’s worth noting that DV, OV, and EV certificates all provide the same amount of technical security & the same level of encryption. The difference is that EV certificates will indicate to visitors of your website that a certificate authority has confirmed further proof of identification & ownership; arguably, they provide your website visitors “further confidence in who’s behind the site”.
Further Reading & Discussion
Trying to find a good post to help you decide about Extended Validation (EV) certificates, I’ll recommend Troy Hunt: Journey To An Extended Validation Certificate.
If you would like to dig into further discussion regarding DV, OV, and EV certificates, you’ll find it in-depth at Stack Exchange. Here are a few links to get you started:
HTTPS & Certificate Testing Tools
The SSL Labs SSL Server Test – Deep analysis of web server SSL configuration
Why No Padlock? – discovers elements of your website which aren’t being delivered via HTTPS