Login | Live Chat

What is SSL (Secure Sockets Layer)?

SSL (Secure Sockets Layer), is a standard security protocol for establishing an encrypted link between a server and a web browser. This link ensures that all data exchanged between the browser and the server remains secure.

SSL allows your website and your visitor’s browser to transmit private, sensitive information without the worry of eavesdropping, web forgery, and data tampering.

How can I tell if a site has an SSL connection?

If a website URL starts with HTTPS:// and there is a padlock in the address bar, then the website is using a secure TLS/SSL connection.

Definition of SSL

Why SSL is important?

The primary importance of installing an SSL Certificate is to initiate a secure session between a web server and a browser. Once a secure connection is established, all information passed between the web server and the visitor will be kept private and encrypted

Other SSL advantages:

  • Improves customer’s trust. The little padlock assures customers that their information will not be compromised. The data will be sent to the intended target servers, and it will not be redirected to unauthorized third parties. Before getting your certificate, the CA will verify your authenticity as it only distributes SSL certificates to genuine companies and businesses.
  • Protects information against phishing attacks. Phishing sites are fraudulent copies of famous websites whose purpose is to trick you into submitting valuable information like your credit card or social security numbers. Phishing sites often have the same look and feel as the original site, but the website address is different and it is usually not secured with an SSL certificate. PayPal.com, for example, is a popular target for these fake, copy-cat phishing sites. Extended validation certificates protect you against phishing attacks by showing the full business name of the website owner in the address bar. Phishing site operators cannot obtain an EV certificate due to the extensive validation requirements.
  • Better search engine rankings. HTTPS is now considered as a ranking signal by one of the biggest search engines in the world, Google. If you’re doing optimization, you should consider getting an SSL certificate to help boost your rankings, especially for ecommerce sites.

How does SSL work?

The following is a step-by-step outline of the SSL connection process:

  • A user requests a web address beginning with https:// using their internet browser. The browser requests that the server identifies itself.
  • The server replies by sending a copy of its SSL certificate, which includes its public key.
  • The browser checks the certificate root to find if it belongs from a trusted CA. It also checks if the SSL certificate is unexpired and unrevoked. Moreover, it checks if its common name is valid for the website itself.
  • Once the browser confirms that it can trust the website, it creates, encrypts, and sends back a symmetric session key using the server’s public key.
  • Now, the server decrypts the symmetric session key using its private key.
  • In return, the server sends back an acknowledgment encrypted with the session key to start the encrypted session.
  • Now, all data transmitted between the server and the browser is encrypted.

How ssl works

Who issues SSL Certificates?

SSL Certificates are issued by a Certificate Authority (CA), along with other digital certificates. They confirm the identity and ownership of the business or company applying for the certificate. These issued certificates are chained to a trusted root certificate owned by your chosen CA. Trusted root certificates are embedded in a “certificate store” in popular web browsers such as Firefox, Chrome, Internet Explorer, and Safari.

Whenever you visit a website which uses an SSL certificate, your browser checks that the certificate is signed by one of the trusted roots in its store. If it isn't, it will warn you that the connection is not secure. Everybody else who visits your site will also see an error message. This is why we recommend purchasing an SSL certificate only from a trusted CA.

How do I implement SSL on my site?

Setting up SSL on your website is easy! In general, these are the 3 simple steps for installing your new SSL certificate.

  • 1. Purchase a certificate issued by a trusted CA

    Trusted Certificates can be bought from your web-host or direct from a trusted CA like Comodo. Certificates from a trusted CA will be recognized by all popular internet browsers used by your visitors (Chrome, Firefox, Internet Explorer, Safari etc). See 'What are the Types of SSL?' further down this page for a short guide on the types of certificate available. See https://ssl.comodo.com/ssl-certificate.php to start choosing your certificate.

  • 2. Activate and install the certificate

    If you bought your certificate from your web-host then they can do this step for you. If you are managing the site yourself then the two steps you need to complete are to generate a certificate signing request (CSR) and then to install your certificate. Comodo offers a range of documents to help complete both tasks on different web server software:

    CSR generation guides - see https://support.comodo.com/index.php?/Knowledgebase/List/Index/19/csr-generation
    Certificate installation guides - see https://support.comodo.com/index.php?/Knowledgebase/List/Index/37/certificate-installation

  • 3. Convert your whole site to HTTPS

    After installing your certificate on your target pages, why not modify your site so that all content is served securely? The internet is fast moving towards a default HTTPS for every page, and Google is even giving websites better search ranking if a page is served over HTTPS.

What Are the Types of SSL?

Because of the differing demands of websites worldwide, SSL certificates have diversified into a range of different types. The main validation levels are Extended Validation certificates (EV) and Domain Validated certificates (DV).

Each type has varying levels of user trust. Let’s talk about these levels of user trust and what Comodo has to offer for each level.

Extended Validation Certificates

EV certificates provide the highest levels of security, trust and customer conversion for online businesses. EV certificates are issued only after the issuing CA has conducted rigorous background checks on the company according to the guidelines laid out by the Certificate Authority/Browser (CA/B) Forum. Because of this, EV certificates contain a unique differentiator designed to clearly communicate the trustworthiness of the website to its visitors. Whenever somebody visits a website that uses an EV certificate, the address bar will turn green in major browsers such as Internet Explorer, Firefox and Chrome. EV certificates are used by all major online retailers and banks and are highly recommended for businesses that wish to immediately build customer trust in their site.

Example - Comodo EV SSL

Domain Validated Certificates

DV certificates provide the same high levels of data encryption as EV and OV but do not provide assurance about the identity of the business behind the website. Whereas EV and OV certificates are only issued after the applicant organization has been manually vetted by a certificate authority, DV certs are issued after domain control has been established using an automated, online process. DV certs are a popular choice among small-medium sized web sites because of their faster issuance times and lower price points.

Examples - Comodo SSL, Comodo SSL Wildcard

Where can I purchase an SSL certificate?

To view and purchase Comodo SSL certificates, please visit https://ssl.comodo.com/ssl-certificate.php

Comodo is the world's largest certificate authority and offers certificates suited to a wide range of business needs. All certificates offer the following features:

  • Industry leading issuance times
  • Highest possible levels of encryption and security
  • Trusted by 99.9% of browsers and mobile devices
  • Free 1 year PCI scanning
  • Free 1 year website vulnerability scanning
  • Free Trustlogo site seal to improve customer conversion
  • Huge relying party warranty
  • 30 day money-back guarantee
  • 24/7 phone, mail and web support

Frequently Asked Questions about SSL and SSL Certificates

Can I use one SSL for my other domains?

Typically, you can only secure one domain or one subdomain to one SSL certificate. But if you need to secure different subdomains under one domain name, a Wildcard SSL certificate is the one you need. A Unified Communications (UC) certificate can secure several domain names in only one certificate for Microsoft Exchange 2007 or higher.

Does SSL protect my website entirely?

SSL can only secure the connection between a server and the client, but it has no control over the security of the server. In other words, SSL secures the transmission of information from the browser to the server. If the server or the client (user) is attacked directly, SSL has no security over them. Either implement a good IT security policy and/or install a security program on the user's side.

What does SSL protect, specifically?

It protects the information sent to you by the user from the page you have SSL or HTTPS on. It prevents 3rd parties from eavesdropping on the communication between the user and the site.

Can I trust "FREE TRIAL" SSL certificates?

Yes, you can. A Free Trial SSL is just the same as what we provide for purchased SSL certificates. Trial SSL certificates are usually time-restricted, either for 30 days or 90 days (Comodo provides 90 days of FREE SSL).

Webinar