Insights

Questions to consider before you buy an SSL Certificate

An SSL certificate for your website is essential to guarantee the security and integrity of the information on your site, for your business and for your customers.

A Secure Sockets Layer (SSL) and its newer incarnation, Transport Layer Security (TLS) are both commonly referred to as SSL certificates. What that means is that these extra layers of security encrypt data while it is being transferred across the Internet, ensuring the information exchanged is private, secure and can be authenticated and trusted by web browsers.

Do you really need one?

The short answer is: Yes. If your website is going to involve credit card numbers, bank details or personal information of any kind, you need to consider your customers’ privacy as well as the integrity of your business. While online hackers pose a persistent threat to your website, it’s identity theft that can be harder to trace and even more debilitating for your business.

An extra incentive to get an SSL certificate ASAP is the recent revelation on the official Google security blog that starting from January 2017, Google Chrome will begin flagging sites without an SSL certificate as “Not Secure”.

Is this your first SSL certificate?

If you haven’t ordered an SSL certificate before, here’s a quick guide to the steps you’ll need to take:

  • A Certificate Signing Request (CSR) needs to be generated. This is an encoded request from your web hosting provider. The CSR needs to provide your domain name, organisation, location and contact details
  • Check you can retrieve email messages from your domain registration administrator or technical service providers because that is the email address the SSL certificate authority will use to verify you as the domain owner.
  • It’s a good idea to have an alternative verification method available to make ordering the SSL easier. This is particularly relevant if you have changed hosting companies or domain registration companies. Many SSL certificate authorities will allow a variety of email addresses connected to your domain, such as:
    • admin@[domain]
    • administrator@[domain]
    • hostmaster@[domain]
    • webmaster@[domain]
    • postmaster@[domain]

Where can you get an SSL certificate?

Internet browsers such as Explorer, Firefox, Chrome and others, maintain lists of trusted SSL certificate authorities. If your site is using a genuine certificate authority, your browser will recognise your site as secure.

What’s a wildcard SSL certificate?

A wildcard SSL certificate provides the same level of encryption and certification, but applies this same security method across every subdomain of a website. For example, your online shop might have a sub domain, such as shop.yourdomain.com.au. A wildcard SSL certificate will cover this subdomain and any others on your site.

How long should the whole process take?

If the information you submit is correct, an SSL certificate can be issued in minutes. This also depends on a quick response from your authorised domain administrators and web hosting providers (see above). SSL certificates are issued for a specific timeframe – usually anywhere between 1-3 years. Depending on the certificate authority, auto-renewal is available to ensure your site is always secure.

For more information about SSL certificates and their relevance to your business, contact iFactory today. As part of our website support plans, we’ve been designing, hosting and maintaining secure websites for a wide range of businesses. Call 07 3844 0577 now.

Read more insights