Does My Website Need an SSL Certificate?

What is a Secure Sockets Layer (SSL) Certificate?

Techopedia defines an SSL Certificate as “a form of Web authentication used to validate website security and provide identity protection to website users.” When someone visits your website, the SSL process encrypts the communications between his/her browser and your website. SSL Certificates enable your website to use the HTTPS secure protocol, helping to ensure any information submitted on your website is encrypted.

What is HTTPS?

Hypertext Transfer Protocol Secure (HTTPS) enables encrypted communications between the site visitor and the web server. Having an SSL Certificate properly configured on your web server enables you to configure your website to also use HTTPS. Every packet of data sent over HTTPS is encrypted, which helps protect credit card transactions, billing information, login information from the prying eyes of bad actors that may try to intercept the communications.

Why should you care?

There are several reasons you should want your website to have an SSL Certificate and properly configured HTTPS. Google and Firefox browsers now display a green lock icon next to the address of HTTPS secured sites as shown in the graphic below.

Requiring HTTPS transactions builds trust with your visitors by showing that you care enough about them to help protect their e-commerce transactions, privacy and identity. Seeing that green lock helps your site visitors and customers feel that you are a trustworthy business.

Every reputable payment processor will require your website to use HTTPS when collecting any payment information. Some payment processors require HTTPS support throughout all pages of your website.

In fact, non-secured pages are now receiving a special treatment in Google Chrome. The screen capture below shows that effective July 2018, Google will add “Not secure” to the address bar of any page that does not fully support HTTPS. Imagine the impression a “Not secure” message gives to your customers and prospects. When customers have a choice of vendors, don’t allow something like a missing SSL Certificate detract sales from your business.

You’re convinced! How do you get an SSL Certificate for my site?

Some web hosts, such as WP Engine, provide a free SSL Certificate with all their hosting plans. WP Engine provides detailed instructions at https://wpengine.com/support/add-ssl-site/ on how to setup an SSL Certificate for your website. If you need any assistance, WP Engine has one of the best support teams available and we’re happy to help as well.

GoDaddy, another popular web host, recently sent an email out, encouraging its customers to add an SSL Certificate before July 1, 2018. GoDaddy’s SSL Certificates start at $59.99 for the first year and $74.99 on renewal. Instructions for setting up your GoDaddy SSL Certificate are available at https://www.godaddy.com/help/ssl-certificates-1000006.

What if you believe you already have an SSL Certificate?

It’s possible you already have an SSL Certificate for your website. You can verify your site is using an SSL Certificate by visiting the Qualsys SSL Labs SSL Server Test website. It’s a free service that conducts a deep analysis of the web address you provide to help verify an SSL Certificate is in place, that’s valid and that it’s properly configured.

Be sure to verify all pages are properly supporting HTTPS instead of having mixed HTTP & HTTPS content. In the address bar, mixed content will be displayed as shown in the screen capture to the right. Notice the HTTPS:// preceded by the circled information icon. Mixed content frequently results from having logos with non-HTTPS links, text links that reference external non-HTTPS sites, and even internal links that were entered as HTTP vs. HTTPS.