As online security is becoming ever more important, having an SSL certificate on your website is an absolute must!
If you are not sure whether the website you are visiting is secure or not, you can tell by the start of the web address. If the web address starts with https://, it's running on an SSL certificate.
However, if the web address starts with http://, it is not secure and Google Chrome gives a rather visual showing that the web page you are on is not secure.
With this visual display being shown to your users, it's essential to have an SSL certificate on your website so you don't lose potential traffic and conversions.
What sort of SSL validation is required?
There are a few different types of SSL certificates that you can go for, but which one do you choose?
Well here are some of the options:
Domain Validated (DV) - Issuing a DV certificate allows the Certificate Authority (CA) to check that the applicant has the right to use the SSL certificate on that particular domain name
Organisation Validated (OV) - This certificate is very similar to a DV certificate, but it offers an extra layer of protection. The CA will conduct some vetting of the organisation and will require the organisation to submit paperwork
Extended Validation (EV) - Again, this certificate is similar to a DV and OV certificate, but the CA will do a more thorough check of the organisation, including doing checks against official records
In Google Chrome, an EV certificate will stand out as it will display the organisation name next to the padlock icon.
With DV and OV certificates, it will simply display the padlock icon in Google Chrome.
It's worth pointing out that all three types of SSL certificates are valid. It's up to you to choose how much level of protection you wish to have with the users that visit your website.
Standard or Wildcard?
The standard SSL certificate is the most basic SSL certificate, and will support one sub domain and one sub domain only. This becomes an issue if you have your main website on www.mydomain.com, but you also another website (say a blog) on a sub domain (like blog.mydomain.com). With this scenario, the standard SSL certificate will not cut it.
This is where you can purchase a wildcard SSL certificate. Wildcard SSL certificates allow you to have as many subdomains as you want on your domain, but the price does come at a premium compared to a basic SSL certificate.
At time of writing, 123 Reg offer a Standard DV SSL certificate for £47.99+VAT/year. A Wildcard DV SSL certificate goes for £183.99+VAT/year.* That's a wopping 283% increase on the annual price when purchasing a Wildcard SSL certificate.
Just a thing to note with Wildcard SSL certificates, you can only use them on one domain (mydomain.com), but you can create as many sub domains as you like on that domain.
Like purchasing a domain name, SSL certificates have an expiry date. For a lot of SSL certificates purchased, the Certification Authority (CA) will offer a valid SSL certificate for a year.
With Google Chrome and pretty much every other browser, you can click on the padlock icon next to the web address and see when the certificate is valid from and when it's valid until. It will also display other information such as the domain the SSL certificate has been issued to, and who issued the SSL certificate.
What if I don't renew the SSL certificate?
This is something you don't want to do. If you let the SSL certificate expire and do not renew it, the browser will display an error and will prevent users from accessing your site from the https protocol. You can kiss goodbye to your traffic, conversions and search results if you don't take immediate action to renew your SSL certificate.
Some years back, SSL certificates were commonly used for websites that took personal details, or online payments, such as an ecommerce website.
However, Google is now pushing for websites to be secure and it has been known to improve search results.
So as I said at the beginning, if you are running an online business, having an SSL certificate is now a must if you want to have success.
About the author
Senior .NET web developer | ASP.NET Core | C# | Software developer