SSL Certificate Basics and Tips
What is SSL?
An SSL certificate is a script that is installed on your site's web server, which does two very important things:
- It interacts with a third party SSL vendor that validates and verifies for your customer that you are who you claim to be.
- When your SSL is "invoked" by using https: at the beginning of your URL, the server will encrypt all content sent to a user's browser commonly using 128 bit or 256 bit encryption. The encrypted content can only be unencrypted by the browser that requested it. This prevents any unknown party from being able to intercept any sensitive data.
An SSL certificate is a requirement for any eCommerce site.
SSL certificates, or certs, are purchased through third parties or often made available by your host. Many hosts offer a free shared SSL, but these are to be avoided. Many times on a secure site, when you get the annoying pop up stating that "some items on this page are not secure", it's a shared SSL at fault. If any images, includes, or other elements of your page originate outside of the SSL, this message will be shown. Since your host's SSL is usually on another server and they are simply mapping a portion of your site over to this server, it breaks up the physical continuity of your site, resulting in this message.
Next, if you are using a shared SSL and the customer clicks on the gold lock or SSL symbol in their browser to verify the security of the site, your host's information shows up, not yours. This will understandably convince many customers to discontinue their purchase and go elsewhere. How many sales are you willing to lose in an effort to save a few dollars?
So, pay the little bit of money and get your own SSL and have it installed to the root directory of your site. The result? No pop ups, and a reassuring SSL Certificate that has your company's name on it.