SSL Certificate 101


Does your small business take in private information such as contact information or payment that needs to be secure? If so, you are in need of SSL on your small business website. SSL is an acronym for Secure Sockets Layer, an encryption technology originally created by Netscape. SSL creates an encrypted connection between your web server and your client’s web browser that allows private information to be shared without the worries of eavesdropping, data tampering, or message forgery.

Getting SSL for your website is easy. First, you need to install an SSL certificate that identifies you, usually indicated by a padlock icon in web browsers. SSL certificates are provided by Certificate Authorities (CAs). Then, change the URL from http:// to https://. Seeing that SSL is installed on a website gives the visitor confidence in a secure exchange or transaction.

What is a certificate authority (CA)?
You’ve likely heard of VeriSign, just one of the many commercial CAs that charge for their services. VeriSign is an example of the type of entity which issues digital certificates to organizations or people after validating them. These groups keep detailed records of what has been issued and the information used to issue it. They are audited regularly to ensure compliance with defined procedures. When communicating with a CA, they provide you with a Certification Practice Statement (CPS) that details the procedures used to verify applications. While VeriSign is a popular commercial CA, there are also free Certificate Authorities. Be mindful when searching for a CA that popularity isn’t always the best indicator of quality. VeriSign has been around for a while, thus earning the trust of many clients. Essentially, you are paying for their brand; others may give you the same service at a fraction of the cost.

What is browser compatibility?
When your browser is digitally signed by a certificated authority that is in the trusted store of your user’s web certificate are said to be compatible. These relationships are built by established trust between companies. If it isn’t signed by a trusted root certificate, or if there are links missing in the chain, you will view a warning message from your web browser that the site may not be trusted.
Be sure to check SSL Shopper for a list of major certificate providers. Those listed are compatible with 99% of all web browsers.

How many domain names can I secure?
Most SSL server certificates will secure only one domain. If you need to secure multiple domains, there is a wildcard certificate option. For a wildcard certificate, a common name of * would secure,,, and so on. Other options for multiple domains include special certificates such as Unified Communications (UC) certificates for Microsoft Exchange Server 2007. These certificates can secure several different domain names in one certificate.

What is a trust seal?
A trust seal is a symbol on your site’s page that indicates to the user that you have been validated by a certificate provider and are using their SSL certificate to secure your site. It is most useful on pages where users enter personal information, e.g. a shopping cart page, but they can be displayed on multiple pages to help build trust. Each CA’s trust seal is different, so consider the visual aspects of a CA’s trust seal before signing with them. The more professional looking the seal, the easier it is to maximize a user’s trust.