About SSL Certificates

What is an SSL Certificate?

Secure Sockets Layer Certificates or SSL’s are 2-component encryption software products, which secure the connection between the website user and the website operator and their web server.

This secure connection protects any data being passed/uploaded by the user to the server.

The presence of an SSL certificate is normally indicated by a Padlock image displayed in or around the browser's address bar. More recently, with the advent of Extended Validation SSLs, modern browser's may also display a Green Bar in their address bar.

Why use SSL?

The market for SSL certificates has matured rapidly over the last 15 years to the extent that Internet Retailers are required to use SSL certificates to encrypt all Payment Card transactions and any personal data captured by their servers via their websites. Payment Card Industry compliance has driven this standardization. There are a number of Certificate Authorities and other vendors selling SSL certificates online and through approved resellers.

What are the different types of SSL Certificates?

There are basically 3 standard types for Internet Retailers / Website Operators and other more specific, Enterprise Class certificates like Unified Communications SSL, which protects remote access to email servers. All Certificate Authorities sell broadly similar classes of certificates, but rather confusingly, they have adopted different terminology for the same certificates and associated feature-sets.

Extended Validation SSL – a High Assurance Certificate, which enables the Green Bar in your browser. This tells your customers that you have been have been vetted thoroughly and that their card payments are protected by the highest level of trust. EV SSL affords the highest level of trust and these certificates cannot be obtained by rogue traders or cyber criminals.

Organisation Validated SSL – a High Assurance Certificate. OV certificates offer full business validation and payment protection, but not the all important Green Bar, which confirms thorough validation and offers better website promotion.

Domain Validated SSL – an Instantly issued, Low Assurance certificate providing basic protection. Not often used now by Internet Retailers to protect every aspect of their customers’ interaction. Recommended only for websites which do not take card payments. Any website owner can obtain a DV SSL Certificate. This offers unscrupulous traders the opportunity to install an SSL certificate and appear to be protecting website users.

Warning – not all SSL certificates are bullet proof. Some Low Assurance certificates are “hackable". Always ensure that any SSL certificate you purchase offers at least 256-bit protection and also that it does not contain the MD-5 hash, which offers hackers the ability to tamper with payment card data. All our certificates meet or exceed these requirements.

Another warning - Self Signed / Self Generated 'server' Certificates will not be recognised by external browsers - unless 'your certificate' is pre-installed on that user's machine. The browser will generate error messages and warnings so are not suitable for browser-based access.