What is SSL? SSL Certificate Basics


What is SSL? SSL stands for Secure Sockets Layer, an encryption technology that was originally created by Netscape in the 1990s. SSL creates an encrypted connection between your web server and your visitors' web browser allowing for private information to be transmitted without the problems of eavesdropping, data tampering, and message forgery.

To enable SSL on a website, you will need to get an SSL Certificate that identifies you and install it on your web server. When a web browser is using an SSL certificate it usually displays a padlock icon but it may also display a green address bar. Once you have installed an SSL Certificate, you can access a site securely by changing the URL from http:// to https://. If SSL is properly deployed, the information transmitted between the web browser and the web server (whether it is contact or credit card information), is encrypted and only seen by the organization that owns the website.

Millions of online businesses use SSL certificates to secure their websites and allow their customers to place trust in them. In order to use the SSL protocol, a web server requires the use of an SSL certificate. SSL certificates are provided by Certificate Authorities (CAs).


SSL and TLS generally mean the same thing. TLS 1.0 was created by RFC 2246 in January 1999 as the next version of SSL 3.0. Most people are familiar with the term SSL so that is usually the term that is used when the system is using the newer TLS protocol.

Why do I need SSL?

SSL helps prevent attackers or intrusive companies such as ISPs from tampering with the data sent between your websites and your users’ browsers. It is critical for protecting sensitive information such as a credit card numbers but it also protects your site from malware and prevents others from injecting advertisements into your resources. Read our why SSL is necessary page to learn more.

What is a certificate authority (CA)?

A certificate authority is an entity which issues digital certificates to organizations or people after validating them. Certification authorities have to keep detailed records of what has been issued and the information used to issue it, and are audited regularly to make sure that they are following defined procedures. Every certification authority provides a Certification Practice Statement (CPS) that defines the procedures that will be used to verify applications. There are many commercial CAs that charge for their services (VeriSign). Institutions and governments may have their own CAs, and there are also free Certificate Authorities.

Every certificate authority has different products, prices, SSL certificate features, and levels of customer satisfaction. Learn more about choosing a certificate provider or read our SSL Certificate reviews to find the best provider to purchase from.

What is browser compatibility?

The certificate that you purchase to secure your web site must be digitally signed by another certificate that is already in the trusted store of your user's web browser. By doing this, the web browser will automatically trust your certificate because it is issued by someone that it already trusts. If it isn't signed by a trusted root certificate, or if links in the certificate chain are missing, then the web browser will give a warning message that the web site may not be trusted.

So browser compatibility means that the certificate you buy is signed by a root certificate that is already trusted by most web browsers that your customers may be using. Unless otherwise noted, the certificates from all major certificate providers listed on SSL Shopper are compatible with 99% of all browsers. For more details about a specific certificate provider, see SSL Certificate Compatibility.

How many domain names can I secure?

Most SSL server certificates will only secure a single domain name or sub-domain. For example, a certificate could secure www.yourdomain.com or mail.yourdomain.com but not both. The certificate will still work on a different domain name but the web browser will give an error anytime it sees that the address in the address bar doesn't match the domain name (called a common name) in the certificate. If you need to secure multiple sub-domains on a single domain name, you can buy a wildcard certificate. For a wildcard certificate, a common name of *.yourdomain.com would secure www.yourdomain.com, mail.yourdomain.com, secure.yourdomain.com, etc... There are also special certificates such as Unified Communications (UC) certificates that can secure several different domain names in one certificate.

What is a trust seal?

A trust seal is a logo that you can display on your web site that verifies that you have been validated by a particular certificate provider and are using their SSL certificate to secure your site. It can be displayed on secure and non-secure pages and is most appropriate on pages where customers are about to enter their personal information such as a shopping cart page but they can be displayed on every page to help build trust. Every certificate authority's trust seal is different and some look more professional so you should consider what the seal looks like in order to maximize customer trust. To learn more about trust seals read Gain Trust Online Using Trust Seals.