Securing your Website with HTTPS Protocol, Padlock & Green Address Bar!
Establishing secure internet transactions is integral to safeguarding the confidentiality and integrity of website communication with browsers. Installing an SSL certificate on the web server is the best way to achieve this.
Let’s have a quick look at how this can be achieved.
What is SSL?
SSL (Secure Sockets Layer) certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, a certificate activates the padlock and the HTTPS (HTTP Secure) protocol. This enables secure connections from a web server to a browser by establishing an encrypted link between the two.
Why SSL?
Any medium (network/PC) in between you and the server can see your credit card numbers, usernames and passwords, billing details and other sensitive information if it is not encrypted with an SSL certificate. When an SSL certificate is used, the information sent across the Internet becomes encrypted, and hence unreadable, to everyone except for the server, which is the intended recipient.
How Does SSL Work?
When a browser tries to connect to an SSL-secured website, it needs to confirm the trustworthiness of the SSL certificate. In response to its request, the server sends the browser a copy of its SSL certificate. After the browser approves the certificate, the web server returns a digitally signed acknowledgement. This kick-starts an SSL encrypted session in which encrypted data is shared between the browser and the web server.
Where can I get SSL from?
You can get a free SSL certificate signed by various websites, which a simple Google search will turn up (e.g. https://letsencrypt.org/). Such self-signed certificates keep your end-users from getting warning pop-ups about a suspicious certificate on your end. However, the browser bar is not going to turn green when communicating with your site over HTTPS, so this solution is not ideal.
Having a green browser bar conveys security assurance to your visitors. Procuring an SSL certificate is a pricey affair and you would need to prove the identity of your company to the issuer of the certificate by submitting the relevant documents.
The value of the certificate comes mostly from the confidence levels the internet users have in the issuer of the certificate. To that end, Verisign is tough to beat. A certificate says to the client that you are exactly what you claim to be, and the issuer has verified it as true.
What are the important components of an SSL Certificate?
1. A PEM (Privacy Enhanced Mail, a simple encoded text format) formatted KEY file
2. A PEM formatted CERT file
3. A PEM formatted CERT CHAIN file (This is available in the repositories of the SSL provider normally)
These files can be found in your email inbox at the time of registration, or in the cPanel admin of your provider. Certain providers automatically map the SSL certificate to the web server if you purchase both from them.
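A pre-deployment sanity check for the three PEM files listed above, as an added example (not code from the original article). The function names and sample blocks are constructed for illustration, and the check is structural only: it does not verify signatures or that the key matches the certificate.

```python
import base64
import re
import textwrap

# One PEM block: BEGIN/END armor around Base64-encoded DER.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----\s+(.*?)\s+-----END \1-----", re.S)

def pem_blocks(text):
    """Return [(label, encrypted, der_bytes)] for each PEM block in text."""
    out = []
    for label, body in PEM_BLOCK.findall(text):
        # Legacy encrypted keys carry "Proc-Type"/"DEK-Info" header lines before the Base64.
        encrypted = "ENCRYPTED" in label or "Proc-Type: 4,ENCRYPTED" in body
        b64 = "".join(l.strip() for l in body.splitlines() if ":" not in l)
        out.append((label, encrypted, base64.b64decode(b64)))
    return out

def check_bundle(key_pem, cert_pem, chain_pem):
    """Return a list of problems found in the KEY, CERT and CERT CHAIN files."""
    problems = []
    key, cert, chain = pem_blocks(key_pem), pem_blocks(cert_pem), pem_blocks(chain_pem)
    if len(key) != 1 or not key[0][0].endswith("PRIVATE KEY"):
        problems.append("KEY file must hold exactly one private key")
    elif key[0][1]:
        problems.append("KEY is passphrase-protected; the server cannot start unattended")
    if [b[0] for b in cert] != ["CERTIFICATE"]:
        problems.append("CERT file must hold exactly one certificate")
    if not chain or any(b[0] != "CERTIFICATE" for b in chain):
        problems.append("CHAIN file must hold only certificates")
    if any(b[0].endswith("PRIVATE KEY") for b in cert + chain):
        problems.append("private key found in a file meant to be public")
    # Unencrypted keys and certificates are DER SEQUENCEs, so they start with 0x30.
    if any(not b[1] and not b[2].startswith(b"\x30") for b in key + cert + chain):
        problems.append("block does not decode to a DER SEQUENCE")
    return problems

def make_pem(label, der):
    """Wrap bytes in PEM armor (constructed sample data, not real key material)."""
    b64 = "\n".join(textwrap.wrap(base64.b64encode(der).decode(), 64))
    return f"-----BEGIN {label}-----\n{b64}\n-----END {label}-----\n"

# Constructed placeholders: tiny DER SEQUENCEs standing in for real keys and certificates.
KEY = make_pem("PRIVATE KEY", b"\x30\x03\x02\x01\x01")
CERT = make_pem("CERTIFICATE", b"\x30\x03\x02\x01\x02")
CHAIN = make_pem("CERTIFICATE", b"\x30\x03\x02\x01\x03") + make_pem("CERTIFICATE", b"\x30\x03\x02\x01\x04")

if __name__ == "__main__":
    print(check_bundle(KEY, CERT, CHAIN))        # clean bundle
    print(check_bundle(KEY, CERT, CHAIN + KEY))  # key pasted into the chain file
```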
Different types of SSL
Types of SSL certificates can be grouped under two heads: Validation Level & Number of Domains/Subdomains.
Validation level:
• Domain Validation (cheapest in price, lowest in validation level, takes a few hours to activate)
• Organization Validation (average in price, medium validation level, takes a few days to be up)
• Extended Validation (pricey stuff, strict level of security, a few weeks to get it activated)
Number of Domains/Subdomains
• Single name SSL (protects only one domain, without any subdomains)
• Wildcard SSL (protects unlimited number of subdomains under a single domain)
• Unified SSL Certificates/Multi-Domain SSL Certificates/SAN Certificates (protects almost 100 domains with a single certificate)
A well explained use case scenario of purchasing SSL from one provider and configuring it in a web server of another provider can be found here.
To protect the online transactions of your customers and to keep their details confidential, implementing SSL for your website is undoubtedly the most effective strategy.
Well explained..
Good article with useful information!