SSL for Newbies

What is SSL / Secure Certificate?

What is it?

SSL and Secure Certificates provide security for your website by encrypting communications between the server and the person visiting the website.

In order to use SSL, you need to have an SSL Certificate (also known as a Secure Certificate) installed on your server, a dedicated IP address, and visitors to your website need to use a modern web browser, such as recent versions of Internet Explorer, Firefox, Safari or Google Chrome.

What is it used for?

There are two main reasons why you would need an SSL Certificate.  The first and most common reason is because you want to accept credit card payments on your website.  The second reason is that you may have confidential information that you want to keep secure while it is being accessed via the web.  SSL Certificates also help to protect your passwords from being intercepted, when typed into a secure login page.

Do I need one?

If you are accepting credit card payments online via a merchant account, the credit card associations and networks require that you use SSL whenever you transmit credit card information, such as the card number, cardholder's name, expiration date, CVV code, etc. (such as when a customer enters their credit card on your shopping cart order form or payment page).  This is an important part of making your website PCI compliant (a set of rules that must be followed in order to accept credit card payments).

In addition to being PCI compliant (which is required by Visa, MasterCard, Discover Network, American Express, Diners Club International, JCB and your payment processing company), your customers also look to see if your order form or shopping cart is secure before entering their credit card information.  You can easily lose sales if your customers see that your site is not secure.

If customers are not entering credit card information directly on your website, but rather entering it directly on a payment processing company's website, such as PayPal, Google Checkout or Amazon Payments, then you do not need an SSL Certificate, since you are not transmitting or storing credit card information.


What type of SSL / Secure Certificate do I need?

Domain Validated Certificate 

For situations where the general public will be visiting a secure section of your site (e.g., making a payment by credit card), you'll want to utilize a private SSL certificate such as this one.  It is directly tied to your domain name, letting customers know they are on the correct website, and unlike a shared certificate, there will be no browser warnings.

Private SSL Certificates are appropriate for e-commerce websites and for any situation where you desire secure communication between your website and its visitors.

Private SSL certificates are provided free with our Business or Enterprise Packages, and are available for purchase with any of our other web hosting packages (except Hatchling).  We provide the Comodo Positive SSL, which is a domain validated certificate. 

Company Validated Certificate 

A company validated certificate is similar to a domain validated certificate; however, additional documentation must be provided to certify your company's identity.  The biggest advantage of a WHOIS company validated SSL certificate is the way your site is displayed in a browser. More validation means more trust, and your visitors will have more confidence in the security of your site.

HostGator provides the Comodo Instant SSL, which is a company validated certificate.

Extended Validation Certificates 

EV certificates provide secure connections, verify the business' identity, and help to prevent fraud through a thorough set of checks and validations.

These certificates are designed to provide a higher standard of assurance for visitors to authenticate the business behind the domain. The green HTTPS address bar is exclusive to EV SSL certificates and reassures website visitors that they are interacting with a verified business on a secured domain.

Wildcard Certificates 

A Wildcard SSL Certificate enables SSL encryption on unlimited subdomains using a single certificate. The subdomains must have the same second level domain name (i.e. domain.com).

Multi-Domain Certificates 

Multi domain certificates make it possible to secure up to 100 domains with a single certificate. You can mix all your different second level domains (i.e. domain.com, www.domain.com, domain.net, and otherdomain.com).


Important things you should know before installing an SSL Certificate

SL Requires a Dedicated IP Address

A private SSL certificate requires its own dedicated IP address.  

Changing to a Dedicated IP Address Requires Time to Propagate

When switching to a dedicated IP, the IP address of your website will change, and the DNS will subsequently need to propagate (update) worldwide, which requires approximately 4 to 8 hours. 

This means that some visitors will be able to view your website at the new IP address immediately, while others will not be able to see it for up to 8 hours after the change to a dedicated IP address.  Planning ahead can minimize the impact.  For example, we don't recommend switching to a dedicated IP address when you are in the middle of a promotion or advertising campaign.

Only One SSL certificate per cPanel Account

On all of our accounts that utilize cPanel there is a technical limitation of one SSL certificate and one dedicated IP per cPanel.  If you would like to have more than one SSL certificate (for a different domain or subdomain), you will need to create another cPanel account.  

More Than One Secured Domain Per Certificate Allowed

Although there is a limit to the number of SSL Certificates per individual cPanel, it is possible to have more than one secured domain name or subdomain incorporated into a single SSL Certificate.  This is achieved by purchasing a multi-domain SSL certificate or a wildcard SSL certificate,  Although more expensive than a regular, single-domain private SSL, you are able to have all the secured domains and subdomains within a single account. They all can share the same dedicated IP address, which saves both the cost of maintaining separate accounts and purchasing more than one dedicated IP.

SSL Certificates Are Issued on an Annual Basis

SSL Certificates are usually purchased with a 1-year expiration date, although multi-year SSL certificates are also available by contacting our sales team.  Before a certificate expires, you will need to purchase a new SSL certificate with a new expiration date.

Despite sometimes being referred to as renewing an SSL certificate, technically you are purchasing a new certificate with a new expiration date.  Although typically we are able to process SSL Certificate orders within 24 hours, due to the potentiality for complications, we recommend that you purchase a new SSL certificate at least one week prior to the expiration of your current SSL certificate.

  • 0 Users Found This Useful
Was this answer helpful?

Powered by WHMCompleteSolution