Date First Published: 25th June 2022
Subtopic: Security Mechanisms & Technologies
Difficulty Level: 6/10
Learn more about what an SSL certificate is in this article.
Stands for a Secure Sockets Layer certificate. An SSL certificate is a data file or digital certificate that proves the identity and authenticity of a website so that visitors can trust that it is secure and reliable. They are similar to ID cards or badges that prove someone is who they say they are. SSL certificates are issued by trusted certificate authorities. When an SSL certificate is enabled on a website, it activates the secured HTTPS protocol over port 443 and encrypts communications between browsers and web servers so that sent data can only be read by the intended recipient.
The SSL handshake process takes place in six steps, which include:
SSL certificates contain the following information for authentication purposes. The information is publicly visible and can be viewed in web browsers.
For security reasons, SSL certificates expire after a certain period of time, ranging from 3 months to 2 years. This is to help ensure that all certificates are using the latest security standards, that they are maintained by the current certificate owner, to keep the encryption up to date, and to occasionally revalidate the authentication as things change on the internet.
When an SSL certificate expires, visitors will start to receive SSL warnings in their browser and the website will no longer be able to communicate over secure HTTPS until a new one is issued. The warnings may display ‘your connection is not private’, which will show that the site is less than professional. This error is unrelated to the user’s computer. It is just displayed because the website that the user is connected to has not renewed its SSL certificate.
Certificate authorities usually send expiration notifications to remind website owners to renew their SSL certificate. It is recommended for website owners to renew it before its expiration date.
Depending on the type of SSL certificate, one certificate can apply to a single website or multiple websites. The types of SSL certificates include:
In addition, SSL certificates have different levels of validation. Validation is to prove that the SSL certificate holder owns or controls a domain name. These include:
There are lots of paid SSL providers that offer SSL certificates for a yearly fee, but why pay when there are so many free SSL providers, such as Let’s Encrypt and ZeroSSL? Most decent hosting providers will come with free SSL options for users that allows them to install an SSL certificate in their control panel. For most users, free SSL certificates are just as good as paid ones and there is no need to pay for an SSL certificate unless they need advanced features, such as backwards compatibility and a green bar SSL certificate that provides greater validation and authentication than what a free SSL provider offers. Another difference is that paid SSL certificates usually last for a year or two, whilst free SSL certificates usually last for 90 days before they expire.
CDNs, such as Cloudflare come with SSL features and free SSL redirection. After signing up and activating the SSL option, all non-secure HTTP traffic will be redirected to secure HTTPS. However, if a user ever decided to disable or bypass their CDN, their website may display a non-secure warning to the visitors due to no SSL. Cloudflare also provides wildcard SSL certificates, which cover all subdomains of the domain name. This can be seen when viewing the SSL certificate in a web browser. If an asterisk comes before a domain name, such as *.computerhelp4all.com, it means that the SSL certificate also covers all subdomains of that domain name.
If so, it is important that you tell me as soon as possible on this page.