Please note, this will add you to our email list. You may opt out at any time. 

What is the purpose of an SSL certificate?
  • It stands for Secure Sockets Layer (SSL)
  • It’s special code on your web server that acts like a bodyguard for your server talking to other servers. Meaning that when someone visits your server (aka your website) from their server (using a browser – i.e. Edge, Chrome, Firefox),  their browser is asking your server for the details so they can load the website
  • That communication, that ask to your server, is encrypted.
    • It’s like a super secret tunnel that the two ends talk thru.
  • Visually
    • Adds the lock symbol to your domain name in the browser
    • And it adds an s to “http://”, making it “https://” for “secure”
    • Most users have come to know to look for either of those two, but especially the lock symbol, when accessing a website
How does a SSL Certificate work? What is an SSL certificate with an example?
  • When someone visits a website with a SSL Certificate, that website sends that person’s browser a special string of numbers and characters called a “key.”
    • Usually looks something like this:
  • Their browser verifies that “yep, that looks legit” and tells the server “OK – send over the website”. That transaction is called a “handshake.” It’s how the browser decides if the site is safe. They check the key, if the key fits the lock, then it’s OK to proceed.
  • From here, the browser and the server talk in a sort of secret tunnel that keeps out anyone else from spying on what they’re saying. That transmission of data from one spot to another is where most attacks happen, most data leaks, so if you’re talking in a tunnel, nothing else can get in, and it’s relatively safe.
What happens if you don’t have a SSL certificate?
  • One, they’re usually free anymore so not having one is kind of pointless. The only time you really should consider paying for one is if you’re doing credit card transactions or collecting super sensitive information.
  • Two, Google LOVES SSL certificates because it provides their users (the people who search using Google) a safer experience, so of course all things being equal, Google will choose the site with the SSL certificate. And, and this is the most important part, Google will throw up a wall before the user ever goes to your site and say, HEY, are you sure you want to visit this website? It’s not secure! – Guess how many people back out of that scenario. They could still proceed to your site after dancing around that wall, but no one does.
  • Three, and of course this is why Google throws up that wall, your site is at a lot higher risk of being attacked by hackers. Even the free SSL cert prevents most attacks, and again, it’s usually free or dirt cheap, so why wouldn’t you?
How do I get an SSL certificate?
  • You buy your SSL certificate from your hosting company or your domain name registrar. It’s usually a simpler process to buy it from your hosting company though because that’s where it has to get installed.
Why are there different versions of SSL Certificates and which one should I choose?
  • So this is general information because every website host has their own versions of SSL certificates, but most come in a few flavors.
  • Usually
    • free version
    • mid tier paid version
    • deluxe version
  • Let’s take GreenGeeks Hosting as an example (affiliate link). They only have 2:
    • “Let’s Encrypt”, which is a free SSL certificate that
      • Free
      • Personal Websites (but I use them on commercial)
      • Renews quarterly
      • Works on subdomains
      • 256 Bit Encryption
      • Mobile and Browser Compatibility – 85% of all web users worldwide
        • Meaning users with Windows XP or really old devices won’t see it as valid
      • Does Not’ come with a Site Seal (an image) or the Warranty
      • Limited Installation Help BUT
        • If something goes south, they’ll fix it or tell you how to fix it, and I can’t remember the last time the install didn’t work
      • Covers first-level sub-domains like:
      • But not secondary level domains like
    • GlobalSign/Premium AlphaSSL
      • $49.95 on sale, otherwise $99.95/year
      • Also secures second-level sub-domains
      • Can be a better choice for those doing credit card transactions because it comes with a warranty, but only up to $10,000. If you want more, i.e. up to $1.5mil, you need to set that up directly with their tech support.
      • Also a good choice if you’re collecting sensitive information, like social security numbers