OAn SSL certificate is a good idea for several reasons. This conveys trust to the visitor and is mandatory for web shops, among others.

What is an SSL certificate?

SSL certificates are files containing a cryptographic key that are digitally linked to a company or website. Once installed, they ensure that a lock is displayed in the browser and that the data is sent via the https protocol (port 443). This ensures that this data is encrypted. A must for websites where personal data is sent and entered, such as online stores.

Benefits of an SSL certificate

  • Using websites with SSL is more secure. For example, the data entered during an order or contact form can be retrieved from a website or online store without SSL. This data is encrypted with SSL.
  • Google likes SSL. In fact, Google often places websites with SSL above websites without SSL.
    For example, from 2017 onwards, the Google Chrome browser will indicate that a connection to a website is not secure for websites without an SSL certificate.

What types of certificates are there?

  • Certificate types SSL

    Domain verification and organization verification in the browser bar

    SSL with extended validation (EV): This is the latest certificate with the highest degree of certainty for the visitor with regard to the identity of the owner of the website. In addition to a lock, it also shows a (partially) green bar.

  • SSL with organization validation (OV): This shows a lock. This certificate offers a higher degree of security than an SSL with domain verification. Companies and organizations must provide various documents to demonstrate that they are who they say they are.
  • SSL certificate with domain validation (DV): This shows a lock icon in the browser. No documents are required for this certificate, only a confirmation of the confirmation email sent to a mailbox of the domain in question.
  • Free certificate from Let's Encrypt: Let's Encrypt is an Open Source initiative by Facebook, Mozilla, Cisco, Shopify and HP, among others, and offers the option to set up a free certificate.
  • Wildcard SSL certificate: A wildcard certificate offers an unlimited number of subdomains. Extensive validation is not possible here. However, the number of subdomains covered by the certificate is without limit or additional costs.
  • Multi domain certificates: The certificate can be expanded by reissuing the current certificate for subdomains. There are usually costs associated with reissuing additional subdomains.

Why pay for an SSL certificate?

In the current setup, when applying for a free certificate, there is almost no control over who applies for this certificate. This entails a risk for a visitor compared to a paid certificate.
It is also known that hackers can use and have used these free certificates for the distribution of malware. For example, in the past attacks were encrypted to prevent tracing of the perpetrators. Browsers' appreciation of this certificate is currently still the same as paid root certificates. It is not clear how this will work in the future.

Below are a few more advantages of paid certificates compared to free ones:

  • Paid certificates offer authentication in addition to encryption.
  • Free certificates have a term of only 3 months, unlike paid certificates with a term of 1 to 3 years. This is not an issue with many servers because they can be automatically extended.
  • All support regarding installation and problems is provided for free certificates via user forums and other user initiatives.
  • Multi-domain certificates and wildcards are not possible with free certificates. These two types, with some differences, enable SSL on subdomains such as login.domeinnaam.nl and domainname.nl with one certificate.
  • A paid SSL certificate exudes trust.
  • A paid certificate requires at least verification of the applicant by email or DNS. This shows that the applicant has control over the domain name in question.

From January 2017, Google Chrome will display websites/webpages without SSL differently. Below are the situations:

chromjan1

chromjan2

You can get a paid certificate from €35 excl. VAT per year. We charge a one-off fee of €99 excl. VAT for installation. With Let's Encrypt these costs do not apply.
In addition, depending on the size and structure, we have been busy converting WordPress websites from http to https for a while. This varies greatly per website due to the template and plugins used.

Do you have questions about an SSL certificate on your website or would you like to have an SSL certificate on your existing website or online store?
We are happy to assist you on 0172-897789 or info@milcraft.nl.