What is SSL and why it's important for your online business
What is SSL and why you should use it

What is SSL and why you should use it


Vu Nguyen
"SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers."

Transport Layer Security (TLS) is the successor to SSL but since SSL is by far most common term on the Internet people still use SSL when talking about these terminologies.

Without SSL, all the data transferred between you and the webserver can be intercepted by others. For eCommerce websites that take customer's sensitive information, this could mean hacked credit cards and other information. For other types of websites, this could mean that the 3rd parties can easily track your browsing traits.

How to know if your site is using SSL

Look at the URL of the website. If it begins with “https” instead of “http” it means the site is secured using an SSL Certificate (the S stands for secure). SSL Certificates secure all of your data as it is passed from your browser to the website’s server. To get a SSL Certificate, the company must go through a validation process.

It makes sense to always use SSL for your website whenever possible. However, there are different levels of validation:

Extended Validation (EV) SSL Certificates: where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a CA before issuing a certificate, and includes:

  • Verifying the legal, physical and operational existence of the entity
  • Verifying that the identity of the entity matches official records
  • Verifying that the entity has exclusive right to use the domain specified in the EV SSL Certificate
  • Verifying that the entity has properly authorized the issuance of the EV SSL Certificate

EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. A second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV SSL Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.

Who may need this type of ssl certificate: banks or organizations that requires high level of validation. For these organizations, they need to ensure both the security of the data transferred and the validity of the website (are they who they really claim they are?)

Extended Validation (EV) SSL Certificates

Organization Validation (OV) SSL Certificates: where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.

Who may need this type of ssl certificate: organizations that do not need the level of validity insurrance that EV SSL certificates provide but still want to show customers they are validated entities.

Organization Validation (OV) SSL Certificates

The cost of using SSL for your website


Certificates cost

Domain Validation (DV) SSL Certificates: where the CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.

Who may need this type of ssl certificate: organizations who care about the security of the data transferred but do not need to prove the organization validity (or already have other ways to prove that)

Domain Validation (DV) SSL Certificates

Since the validity of the SSL certificate depends on the validity of the Certificate Authority (CA), the cost of SSL certificate can vary depending on the CA. In theory, the bigger player such as Verisign can give higher level of trust and validation. For that reason, certs issues by Verisign can be many times more expensive that certs issued by smaller players such as RapidSSL.

Setup and maintenance cost

SSL certs are not extremely difficult to setup, but they still require additional amount of work to setup and maintain. In some cases, it's also necessary to purchase dedicated IPs for SSL certs.
It's also note worthy that the server will require a bit more resources to handle these SSL requests and this may imply an increase in spending on server infrastructure.

Added benefits of SSL

SSL can make your website loads faster: with the new http2 protocol (which requires SSL to work in most cases), websites can be loaded faster (in theory)

Web pages with SSL can have a slight SEO advantage over web pages that don't. Google has posted a blog post that mentioned the slight ranking advantage of website with ssl/https

All websites hosted on with Nilead have Domain Validation (DV) SSL Certificates by default. It means your customers will enjoy the benefits of advanced security, speed, and search engine optimization at no additional cost.

about the author


Vu Nguyen
Vu Nguyen
Vu Nguyen is an entrepreneur, a developer, and a founder of nilead.com. While his love is in the backend website development work, his experience covers eCommerce (being both a real online store owner and a developer), Search Engine Optimization, UX Design and Content Strategy.

Since 2005, Vu Nguyen has led and directed UX design, full-stack development teams on projects large and small for corporations, start-ups, individuals and more. He was involved in every task of each project, from idea to concept and vision, prototype, detailed design, build and deployment.