Why Do I Need An SSL Certificate?

Time is up. If your site is still running over HTTP:// you need to get SSL and convert it to HTTPS://.

If you have not installed an SSL certificate on your website and migrate to HTTPS, then your website WILL be marked “Not Secure” (I have examples below).

The short answer is that the web browsers are beginning to require it as a basic standard. The internet, as we know it, is built on HTTP (Hypertext Transfer Protocol). And while HTTP has performed admirably over the past two decades, it has one glaring flaw: it’s not Secure. Any information transmitted via an HTTP connection is out in the open. When I say that, I mean that it’s easy to eavesdrop on the connection. From there you can steal information, or position yourself between the user and the server, allowing you to perform what is called a Man-in-the-Middle attack.

When you install an SSL Certificate, you can begin using HTTPS instead of HTTP. HTTPS is the secured version of HTTP. It uses encryption to both authenticate the server and to protect any information being transmitted. You can understand why the browsers would want this to be standard, after all, information security is more important than ever these days.

Why do the browsers get to decide?

There’s a couple of parts of this question to hash out. First of all the browsers are in a position, somewhat literally, that allows them to dictate their terms. Answer me this, do you know how to use the internet without either a desktop or mobile browser? I’m going to go out on a limb here and say that the answer is no. People need browsers to surf the internet, and businesses need browsers to display their websites properly when people decide to visit them. If the browsers tell websites, “do this or we’re going to penalize you” – there’s going to be quite a bit of incentive to comply. The browsers have quite a bit of power.

Having said that, the browsers didn’t necessarily “decide,” per se. That sounds a little too ominous. They’re acting in the interest of their users and there’s a certain utility to that, which is worth commending. Secure connections mean greater user safety which, in turn, creates a safer internet.

What if I don’t need SSL?

You’re thinking about it wrong, then. At this point, it’s not about who does and doesn’t need SSL. At this point, it’s about the fact that the browsers are shifting the internet to HTTPS. Beyond the simple fact that secure connections are safer, there’s a technical reason for wanting to make this shift, too.

HTTPS is the successor to HTTP. It’s faster, it performs better and its daddy could beat up HTTP’s daddy. It also requires secure connections. HTTPS is the standard the internet wants to adopt universally. So requiring SSL also helps to facilitate the shift to HTTPS as well.

How Does SSL Work?

I’m going to give you the abridged version, an SSL certificate is basically a piece of software that you install on a server that allows you to both authenticate said server and enforce secure connections with it. You start by acquiring the SSL certificate

you’d like to use on your website, installing it on your server and then configuring your domain so that it points to HTTPS addresses instead of HTTP ones. Once it’s live, and visitors begin arriving at your website, they will be sent a copy of the certificate itself, as well as a public key when they first connect. The user’s browser and the server then use the certificate and its underlying Public Key Infrastructure to authenticate the server (ensuring that it is the rightful owner of the certificate) before exchanging symmetric session keys and forming an encrypted connection.

Got it? Good.

Final Thoughts

We’ve been saying this all year, but it doesn’t hurt to hear it one last time: YOU NEED TO GET SSL.

It’s not optional anymore. It’s not just a product for big websites. Or just for banks and e-commerce. EVERYONE needs SSL in 2018.

So don’t wait until the last minute! Handle it now. Contact FZP Digital .