A Guide to Secure Sockets Layers (SSL)

What is an SSL Certificate?

Ever wondered why some website URLs have http:// starting it while some others have https:// starting it? You might think that the only difference is the extra "s", but there is more to it. The extra "s" means your connection to that website is encrypted and secured and any data you exchange on the website is safe. This is made possible by what we call an SSL – Secure Sockets Layer. SSLs are a big deal when it comes to exchanging data on a website especially when payment is involved. So both consumers and marketers need to take note of such concepts and tech.

Let's take a look at why SSL is so important in the digital space, website space, and eCommerce space. We would address the following areas in this article:

  • What is an SSL certificate?
  • The Types of SSL certificates
  • How does an SSL certificate work
  • Why you need an SSL certificate

As earlier stated SSL stands for Secure Sockets Layer. This is a standard security technology for connecting a client and a server using encryption and security protocols. For instance, a connection between a web browser and a web server or a connection between an email client and a mail server is considered a connection between a client and a server that requires encryption.

SSL provides a secure way for sensitive data to be transmitted securely. Sensitive data, in this case, includes social security numbers, credit card numbers, login details, etc. This has to be transmitted without the risk of losing sensitive data to attackers who are eavesdropping and ready to intercept such information.

Every browser can connect with a web server via an SSL protocol but to establish a secured connection, the browser and the server needs an SSL certificate. The most current version of the SSL/TLS (Transport Layer Security) is TLS 1.3 as defined by the RFC 8446 of August 2018.

Understanding the Different Certificates and Which is Right For You

Types of Certificates

SSL certificates are classified under two umbrellas which are further used to classify them into their various types. The classification umbrellas are:

  • Classification of SSL certification based on encryption and validation
  • Classification of SSL certification based on Domain number

Classification of SSL certificates based on Encryption and Validation: Under SSL classification based on their encryption and validation type, we have three types namely: Extended Validation or EV SSL certificate, Organized Validation or OV SSL certificate, and Domain Validation or DV SSL certificates.

Wildcard SSL Certificates

Wildcard SSL certificates allow for a certificate to be used by one domain and also used for subdomains. For instance, if you buy a wildcard SSL certificate for “example.net”, you can make use of the certificate for blog.example.net, mail.example.net, and insight.example.net. This is way cheaper than buying multiple SSL certificates for different subdomains.

Extended Validation or EV SSL Certificate

Having the EV SSL certificate will show in the address bar the HTTPS, padlock, business country, and business name so that the website is not mistaken for a spam site. This is one of the most expensive SSLs to get but they show a high level of legitimacy of your domain and website from the address bar.

Before an EV SSL can be set up, you must verify that you own the domain that you are submitting and that you are legally allowed to collect data from users to undergo certain actions. An example of data to be collected includes credit card information for online payments and transactions.

Businesses that require identity assurance from their users and customers are advised to opt-in for an EV SSL certificate. Examples of businesses that require this are websites that process web payments and collect user credentials.

Organized Validation or OV SSL Certificate

This is more of medium level encryption and verifies that your domain and organization are real. OV SSLs can be obtained in two simple steps.

  • The CA verifies if the domain and the organization are legally allowed to operate.
  • A padlock with the company's name is attached to the browser for users to see that the organization is verified.

Classification of SSL certification based on Domain number: In terms of domain numbers, three types of SSL certificates are available: Wildcard SSL, Multi-domain or Unified communication (UCC) SSL certificates, and Single Domain SSL certificates.

Wildcard SSL Certificates

Wildcard SSL certificates allow for a certificate to be used by one domain and also used for subdomains. For instance, if you buy a wildcard SSL certificate for “example.net”, you can make use of the certificate for blog.example.net, mail.example.net, and insight.example.net. This is way cheaper than buying multiple SSL certificates for different subdomains.

Unified Communication (UCC) or Multi-Domain SSL Certificates

UCC certificates allow you to use multiple domain names on the same SSL certificate. They can allow up to 100 domain names on one SSL certificate. To alter the names you might need to do that with the Subject Alternative Name (SAN) option. An example of using this is www.domain.com and www.domain.co.uk.

Single Domain SSL Certificate

A single-domain SSL certificate can only be used to protect one domain. They cannot be used for subdomains or multiple domains. For instance, if you purchase a single SSL certificate for “example.org” you cannot make use of that SSL for “blog.example.org” or “email.example.org”.

Why are SSL certificates needed?

How SSL Certificates Work

The working principle behind the SSL certificate is simple. Once you install a valid SSL certificate on your server, whenever a browser communicates with your server, the SSL certificate triggers the SSL or TSL protocol which enables encryption of all information sent between the browser and the server; or in some cases between server and server.

The SSL works directly above the Transmission Control Protocol (TCP) as a security blanket to allow higher protocol layers to be unchanged while still providing a secure connection. This means every other protocol functions normally under the SSL protocol layer. This is important in combating attackers. Attackers are only able to see the IP, port, and the amount of data being sent if the SSL certificate is implemented correctly. An attacker might be able to stop the connection between a user and the server but they won’t be able to get any data or information. The following is a breakdown of how the SSL works.

  • The SSL begins with the establishment of a TPC connection. This is followed by what is called an SSL handshake (a request for server identity by the browser)
  • The server sends its certificate to the user with some other specifications like the encryption method and version of SSL/TLS.
  • The validity of the certificate is checked by the user and the highest encryption level is selected that can support both parties.
  • The SSL and TLS protocols then include an authentication procedure via a Message Authentication Code (MAC) to ensure the integrity and authenticity of all information transferred.

This might sound very long but they all happen in an instance.

The benefits of having an SSL certificate are numerous. One of the major benefits is the protection of your sensitive information like credit card numbers, passwords, and usernames. Other benefits and reasons to get an SSL certificate include:

  • Secure data between servers
  • Better ranking on Google Rankings
  • Improve and enhance customer trust
  • Improvement of conversion rates

Clarity Ventures is fully capable of utilizing both front-end and back-end software integrations with your e-commerce platform. We believe in innovative solutions to give your business a competitive edge.

Stay ahead of your game with software such as Epicor, Infor, Syspro, Sage 100, Sage X3, Dynamics GP, ORACLE, Dynamics 365, SAP. Learn more about our eCommerce Framework and feel the difference!