HostKitten > Knowledgebase > Site Building > What is SSL and do I need it?
SSL stands for Secure Sockets Layer. This is technology derived in part from the military that encrypts data transfers across the internet. There are several flavours of SSL but the most prevalent one today is 128 bit encryption, which is quite sufficient for any type of commercial website.
If you are an e-trader, SSL encryption protects your customers transaction details as they are passed back and forth between their browser and your server/domain. The data encryption happens at one end using a key and is deciphered at the other end using an equivalent key. The permutations for how data can be encrypted are astronomical, making it virtually theft and interference proof during transit.
Do I Need It?
You need SSL if you are selling to the public. People will not (and should not) give their private and confidential information such as credit card details or even their address/phone number over an insecure connection. Before entering their credit card details, they will (and should) look for the little lock telling them whether your site is secure or not - and if it's not there, they will buy from somebody else who does offer that security. You definitely need it if you have an online store or accept online orders and credit cards, process sensitive data such as address, birth date, license, or ID numbers, and if you value privacy and expect others to trust you.
Why are there so many certicates?
The cost of SSL certificates varies quite a bit, from as little as $20 to as much as $3,000 or more per year. They all offer 128 to 256 bit encryption, so why such a big difference? There are three main reasons:
- Brand recognition. A website that proudly features a well known brand logo on their site pays dearly for the privilege, sometimes thousands of dollars per year. Usually these highly paid certificates offer a few extra options, such as a "green address bar" that the customer will see in their Internet browser.
- Assurance. Different certificates give different levels of assurance to your website visitors about who you are. Traditional "high-assurance" certificates verify that the secure site belongs to your company, while so-called "domain-only certificates" only promise that the website belongs to the person who controls your domain name. In practice, this is not a major issue for most sites, because website visitors are generally happy as soon as they see the "lock" icon in their browser window. Very few users look at the details of a secure site's certificate. And those who do will see that the secure site belongs to the legitimate owner of the domain nameā and there's nothing confusing or frightening about that.
- Wildcard certificates. Some expensive packages offer a wildcard certificate, which allows you to secure an unlimited number of sub-domains on one domain name. If you have 10 sub-domains (such as forum.yourdomain-etc, store.yourdomain-etc, wiki.yourdomain-etc) to secure you could pay $2000 (at $200 each) using single name certificates or just $500 for one wildcard certificate.
Enough theory, what should I buy?
It all depends on your wishes, and your wallet. Most small to mid-sized companies would not need a fancy 1000$$$ certificate, just to pay for the well-known brand name. Truthfully, all genuine certificates are equally safe. HostKittenĀ has partnered with RapidSSL, and can offer you the certificate for a very reasonable price. Needless to stay we will take care of the server part, such as getting a dedicated IP address (which is a requirement for any SSL certificate), make sure to get the public and private key and install your SSL on our server.
Is there anything I should I do after I get my SSL certificate?
If you visit a website or webpage, and look at the address in the web browser, it will likely begin with the following: http://. This means that the website is talking to your browser using the regular 'unsecure' language. In other words, it is possible for someone to "eavesdrop" on your computer's conversation with the website. If you fill out a form on the website, someone might see the information you send to that site.
This is why you never ever ever enter your credit card number in an http website!
But if the web address begins with https://, that basically means your computer is talking to the website in a secure code that no one can eavesdrop on.
Once your SSL is installed, you can still access your site by typing http://yoursite-etc, as well as your new https:// address. So, in order to make full use of your secure connection, you have to update the links on your website. If you created your site from scratch using an html editor, you will have to change every instance of http://yoursite-etc to https://yoursite-etc.
If you use a content management system such as osCommerce, you will need to visit their site and find out how to set the configuration path for https:// to enable SSL, then the code should take care of the rest. In short, neither you nor your customers has to type in https:// into the address line to get to secure pages. osCommerce will identify from the configuration if SSL is installed and direct browsers to the correct page depending on what the browser is doing on your site.
I already have an SSL certificate I bought elsewhere, can I use it on HostKitten?
Yes, of course you can. However, installing an SSL certificate involves quite an extensive amount of work, as well as it requires a dedicated IP address. Therefore, if you wish to use a 3rd party SLL certificate, we will have to charge you an additional fee. Please contact us for further details and we shall be happy to discuss details with you!
Add to Favourites 
Print this Article
Powered by WHMCompleteSolution
