What are SSL certificates and how do they work?

Does your website say “Not Secure” in the address bar?

It’s time to get an SSL Certificate.

Google started showing a “Not Secure” error message back in October 2017 for any web page that has a contact form but no SSL certificate, as well as for any website that is viewed “Incognito” without one. They’ve since taken that a step further.

According to Chrome security product manager Emily Schechter, Google started marking all non-https sites as “Not Secure” in the popular browser back in July 2018. And they did just that. The message reads “NOT SECURE”, so you can imagine your customers won’t like seeing that.

Until recently, SSL certificates were considered an optional expense for most websites. Only e-commerce and large companies prioritized obtaining them. But times change, and this change is for the better.

Many SEO-conscious companies have avoided transitioning to https simply because of the potential impact it could have on their website’s search engine rankings. There was a time that this was true, however, Google has made it clear that they will not punish a website for redirecting from http to https.

And due to their efforts to promote a more secure web, you can see where we’re going with this: it’s time to get an SSL certificate on your website.

What is an SSL Certificate and what does it do?


At its core, SSL (Secure Sockets Layer) is meant to connect computers to a secure server. SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details, which in turn, makes websites safer. An SSL certificate guarantees that customers’ personal information will not be stolen or misused.

SSL is the underlying technology used to transfer credit card details, banking details, tax information, login details, or other personal information to a web server — including details included in theURL. It is mandatory for sites where multiple transactions take place on a daily basis, as it protects their business interests and reputation, as well as their customers’ data.

Types of SSL Certificates

Choosing the ideal SSL certificate requires some thought and consideration. Due to the availability of numerous SSL certificate types and providers, it helps to be aware of the different types of certificates and how to use them.

Let’s get started with understanding the various types of SSL Certificates and how they can accommodate your business needs. SSL Certificates are categorized based on validation levels and the number of secured subdomains and domains.

Consideration 1: What level of validation do you need for your website?

At the validation level, organizations are issued certificates by authorities only when their identities have been validated. There are 4 main types of certificates, and each has a different level of requirements.

1. Domain Validated (DV) Certificates

These are the lowest and most basic level of validation – known as low assurance certificates. This basic level of certificate is great for most sites, as it tells the visitor that the website uses encryption to send personal data.

Process: The Certificate Authority (CA) verifies that an organization has control over the domain and approves the request.

The verification process takes place via email or by configuring a DNS record for the site or HTTP.

Time and Cost: The process takes anywhere from a few minutes to a few hours. As the process is automated, the expenses are minimal.

Indicator: DV certified websites display a green lock or a grey lock in the browser.


Who Should Use It: Bloggers, photographers, hobbyists, and sites that provide information to the visitors. If you’re looking for the certificate to be issued immediately, this is the certificate you want. You can also use it for your internal systems.

2. Organization Validated (OV) Certificates

Offers a medium level of validation, known as high assurance certificates. This level of certificate is similar to DV, except it always tells a privy user that your website is verified to represent who you say you are, in addition to showing that you use encryption for sending data.

Process: The Certificate Authority (CA) conducts a basic investigation of the organization by real agents. It involves getting in touch with the organization to ensure its authenticity.

The Certificate Authority validates the ownership of the domain along with all the information that the organization included in the certificate, such as the name and physical address.

Time and Cost: It can take up to a few days to get this certificate, and the cost is higher than domain validation.

Indicator: Websites display a small padlock with the “https” prefix in the browser bar. When users click on the Secure Site Seal, it will show you that the certificate is valid.


Who Should Use It: This certificate is ideal for small e-commerce sites, but can be used by any business or organization.

3. Extended Validated (EV) Certificates (aka “Green Bar” certificates)

Offers the strictest level of validation and provides the highest degree of assurance. This is the king of Certificate types, showing that your business takes security very seriously.

Process: The Certificate Authority (CA) validates the ownership along with the organization information, physical location, and the legal existence of the company.

It also validates whether the organization is aware of the SSL certificate request before approving. In this process, documents are mandatory as they help certify the company identity.

Time and Cost: The process takes weeks and is the most expensive of all the validation processes.

Indicator: EV certificate turns the visitor’s browser bar green, indicating a high level of security.


Who Should Use It: All websites that conduct financial transactions.

4. Self-Signed Certificates

Apart from the SSL certificates types mentioned above, you can also settle for Self-Signed certificates or certificates signed by their creator, as opposed to a trusted authority. Free of charge, these certificates encrypt personal details similarly to other SSL Certificates.

Who Should Use It: Almost nobody. These certificates prompt most of the servers to display a security alert, and often advise the visitors to abandon the page due to potential security risks. While it isn’t recommended for public use, you can use it internally.

5. AutoSSL from cPanel

If your website is hosted on a cPanel server, one option is to use AutoSSL. This feature automatically generates a DV level certificate for your website. AutoSSL can also automatically install if your purchased certificate expires. This way your website has no gap in security.

The difference between this and paid certificates is that the length of time these certificates are valid is generally very short (a few months), whereas a typical certificate can be registered for 1-3 years, however they can typically be set to automatically renew. I should also note that there is often a limit to the number of websites on one server that can have AutoSSL enabled.

Consideration 2: How many websites are you securing?

Besides the validation level, you will also want to consider the number of Secured Domains And Subdomains. Apart from their validation levels, SSL certificates are also issued based on the number of domains and subdomains.

1. SSL Certificates for a Single-Name Domain 

This helps protect a single subdomain or a hostname. Opt for this if you skipped securing a domain or a subdomain that was added to the site at a later point in time. E.g. It can protect xyz.com, but not abc.xyz.com. These will typically still work with or without www (ayokay.com or www.ayokay.com will work).

2. Wildcard SSL Certificate

This helps protect a limited or unlimited number of subdomains for any single domain. It means that apart from your homepage, it will also cover other subdomains.

E.g. It can protect xyz.com, abc.xyz.com, and so on and so forth.

3. Unified/Multi-Domain/SAN

This helps protect as many as 210 domains with a single certificate using the SAN (Subject Alternative Names) extension. The number offered depends on the provider.

If you’re looking forward to securing Microsoft Exchange and Office Communications environments, this certificate is your best bet.

The certificate is also compatible with shared hosting.

E.g. It can protect xyz.com, abc.com, etc.

https ssl certificate for website

Essential Pointers for Buying the Best SSL Certificate

Before you buy an SSL certificate from a reliable provider, here are some essential pointers to help you make a more informed decision:

  • Know Your Requirements
    A basic rule of the thumb is to know why you need an SSL certificate and what it requires.

    • Do you need to secure more than one domain?
    • Do you have an e-commerce website?
    • How important is your customers’ or clients’ trust?
    • How much are you willing to spend?

    Questions like these will help you correctly assess your needs and take the next step for buying the best certificate to meet your end goals.

  • Choose the SSL Certificate Provider – There are several well-known SSL Certificate Providers – such as VeriSign, Comodo, GeoTrust, Symantec, and Digicert. It can be perplexing to pick and choose. Be sure to consider the following factors:
    • The brand’s reputation
    • Reviews posted by previous users
    • Level of service
    • Issue time
    • Server licensing
    • Compatibility
    • Supported browsers
    • Trust level
    • Site seal
    • Warranty

    Also, before moving forward with a provider, weigh all the pros and cons of various packages. Reading their whitepapers and blogs will give you a better idea. Take your time in consuming all the information carefully!

  • Decide What Fits Your Business and Budget

Various SSL Certificate Providers have different packages for the certificates. Establishing a budget can help you in choosing a provider without the cost going through the roof! At the same time, don’t settle for anything that’s subpar just because you don’t want to overstep your budget. The certificate you choose can have an impact on your website in the long run.

Should I buy an SSL Certificate for my website?

Absolutely. If you want to increase customer confidence and promise high levels of security, SSL certificates are a must. Not only that, you certainly don’t want your visitors to see “Not Secure” on your website.

Apart from procuring the certificates, you must also ensure that they all stay up-to-date. Keep an eye on their expirations. Buying and maintaining SSL certificates is a continuous and important process that will help to create trust with your customers.

How do I buy an SSL Certificate?

The answer to this question varies depending on where your website is hosted. In most cases, you are free to purchase a certificate from any SSL Certificate provider and install it on your server. However, this is not always the case, and it is best to ask someone knowledgable on the process — especially because the process is quite technical.

Of course, I would be happy to help you. Just give me a shout on our contact page!

2 Replies to “What are SSL certificates and how do they work?”

Comments are closed.