Homepage Articles What is SSL and why you should use it
Apr 19, 2017

What is SSL and why you should use it

Article brought to you by Nilead, a website builder platform with fully-managed design, development, and management services.

What is SSL and why you should use it


Table of contents

"SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry-standard and is used by millions of websites in the protection of their online transactions with their customers."

Transport Layer Security (TLS) is the successor to SSL but since SSL is by far the most common term on the Internet people still use SSL when talking about these terminologies.

Without SSL, all the data transferred between you and the webserver can be intercepted by others. For eCommerce websites that take customer's sensitive information, this could mean hacked credit cards and other information. For other types of websites, this could mean that the 3rd parties can easily track your browsing traits.

How to know if your site is using SSL

Look at the URL of the website. If it begins with “HTTPS” instead of “HTTP” it means the site is secured using an SSL Certificate (the S stands for secure). SSL Certificates secure all of your data as it is passed from your browser to the website’s server. To get an SSL Certificate, the company must go through a validation process.

It makes sense to always use SSL for your website whenever possible. However, there are different levels of validation:

Extended Validation (EV) SSL Certificates: where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization. The issuance process of EV SSL Certificates is strictly defined in the EV Guidelines, as formally ratified by the CA/Browser forum in 2007, that specify all the steps required for a CA before issuing a certificate, and includes:

  • Verifying the legal, physical and operational existence of the entity

  • Verifying that the identity of the entity matches official records

  • Verifying that the entity has exclusive right to use the domain specified in the EV SSL Certificate

  • Verifying that the entity has properly authorized the issuance of the EV SSL Certificate

EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. The second set of guidelines, the EV Audit Guidelines, specify the criteria under which a CA needs to be successfully audited before issuing EV SSL Certificates. The audits are repeated yearly to ensure the integrity of the issuance process.

Who may need this type of SSL certificate: banks or organizations that require a high level of validation. For these organizations, they need to ensure both the security of the data transferred and the validity of the website (are they who they really claim they are?)

What is SSL and why you should use it

Organization Validation (OV) SSL Certificates: where the CA checks the right of the applicant to use a specific domain name PLUS it conducts some vetting of the organization. Additional vetted company information is displayed to customers when clicking on the Secure Site Seal, giving enhanced visibility in who is behind the site and associated enhanced trust.

Who may need this type of SSL certificate: organizations that do not need the level of validity insurance that EV SSL certificates provide but still want to show customers they are validated entities.

What is SSL and why you should use it

The cost of using SSL for your website

Certificates cost

Domain Validation (DV) SSL Certificates: where the CA checks the right of the applicant to use a specific domain name. No company identity information is vetted and no information is displayed other than encryption information within the Secure Site Seal.

Who may need this type of SSL certificate: organizations who care about the security of the data transferred but do not need to prove the organization validity (or already have other ways to prove that)
What is SSL and why you should use it

Since the validity of the SSL certificate depends on the validity of the Certificate Authority (CA), the cost of an SSL certificate can vary depending on the CA. In theory, the bigger player such as Verisign can give a higher level of trust and validation. For that reason, certs issued by Verisign can be many times more expensive than certs issued by smaller players such as RapidSSL.

Setup and maintenance cost

SSL certs are not extremely difficult to set up, but they still require an additional amount of work to set up and maintain. In some cases, it's also necessary to purchase dedicated IPs for SSL certs.

It's also noteworthy that the server will require a bit more resources to handle these SSL requests and this may imply an increase in spending on server infrastructure.

Added benefits of SSL

SSL can make your website load faster: with the new http2 protocol (which requires SSL to work in most cases), websites can be loaded faster (in theory)

Web pages with SSL can have a slight SEO advantage over web pages that don't. Google has posted a blog post that mentioned the slight ranking advantage of website with ssl/https

All websites hosted on with Nilead have Domain Validation (DV) SSL Certificates by default. It means your customers will enjoy the benefits of advanced security, speed, and search engine optimization at no additional cost.


About the author


Vu Nguyen

Vu Nguyen is an entrepreneur, developer, and founder of Nilead. He loves backend website development and has experience in eCommerce (owning an online store as well as being a developer), Search Engine Optimization, UX Design, and Content Strategy.

Since 2005, Vu has headed and overseen UX design teams for projects in corporations, start-ups, individuals, etc., regardless of their size. He has been involved in both the creative and technical aspects of each project - from ideation to concept and vision, prototype building to detailed design, and build-up to deployment.

You may be interested in