What is SSL?

Security Socket Layer (SSL) is an encryption technology that secures the connection between a web server and a web browser. 

The SSL protocol protects sensitive information of both the website owner and users when exchanging data online.

While it has been succeeded by Transport Layer Security (TLS), the term SSL is still used to refer to this technology.

How does SSL work?

SSL communication is established only if both a browser and a web server complete the SSL handshake process.

After a visitor’s browser initiates an SSL/TLS connection with a web server, the latter sends its copy of the SSL certificate and its public key as proofs of identification. 

A public key is one of the two files needed to establish an SSL/TLS communication.

The browser checks the certificate’s authenticity by cross-checking it against various Certificate Authorities (CA) —  organizations responsible for validating your web identity. 

If the browser deems the key authentic, it sends back a session key encrypted using the public key of the webserver.

The server decrypts the key using a private key, which is kept private unlike its counterpart and sends back a digital acknowledgment encrypted using the session key.

All data exchanged between both parties is encrypted and decrypted using the session key.

What is an SSL certificate?

HTTPS (Hypertext Transfer Protocol Secure) is an internet protocol that adopts SSL technology to establish a secure connection between a server and a browser. 

A TLS certificate is a digital certificate that enables HTTPS to secure your website’s data exchange upon installation.

TLS certificates are available to purchase from CAs. After the CA verifies the certificate, you have to install it on your website manually.

You can use online SSL checker tools or look for a padlock icon next to its URL on a web browser to check whether a website has a TLS certificate.

Why should I get an SSL certificate?

Installing a certificate helps make sure all the transactions and login credentials of your customers are safe from unauthorized third parties.

By having a secure website, it is easier for you to build trust with your audience — encouraging communication and purchases for a better conversion rate and user experience.

As search engines deem HTTPS a ranking factor, establishing an SSL connection helps you optimize the website’s SEO. 

By ranking higher on Search Engine Results Pages (SERP), you will likely generate more traffic to your website.

Having an SSL certificate installed is also one of the Payment Card Industry’s (PCI) requirements for eCommerce websites.

Since unprotected websites cannot guarantee the security of a cardholder’s personal data and credit card numbers, they cannot accept card-based online payment.

Are all SSL-protected websites safe to use?

While the HTTPS protocol does not fully guarantee a website’s safety, it helps confirm that it belongs to its rightful owner — thus improving its trustworthiness.